FBI Confirms North Korean Involvement in Bybit Hack

The Federal Bureau of Investigation (FBI) has confirmed that the attack on the Bybit exchange was orchestrated by hackers from the North Korean group TraderTraitor, also known in the industry as Lazarus Group, APT38, BlueNoroff, and Stardust Chollima. 

The agency released a list of 51 Ethereum addresses associated with the group and advised companies to avoid interacting with these wallets.

According to the FBI, the perpetrators are actively converting stolen assets into Bitcoin and other digital currencies. The funds are dispersed across thousands of addresses on multiple blockchains. It is expected that these cryptocurrencies will be laundered and converted into fiat.

As of February 26, the total amount of laundered funds reached 135,000 ETH, and Bybit CEO Ben Zhou announced a “bounty hunt,” launching a website to track the actions of the Lazarus Group. 

Previously, cypherpunk Adam Back called the “flawed EVM design” the reason for the exchange’s breach. Later, Sygnia analysts reported that the incident occurred due to a vulnerability in the Safe infrastructure.