- Bybit has launched a $140 million bounty program to trace the billions stolen in last weekend’s hack
- Hackers drained $1.5 billion from Bybit’s cold wallets, the biggest non-cash heist of all time
- Blockchain analysts suspect the North Korean-linked Lazarus Group is responsible for the attack
In the wake of one of the largest crypto heists in history, Bybit has announced the launch of a $140 million ‘Lazarus Bounty’, an initiative aimed at tracking and recovering stolen funds. The move follows a $1.5 billion breach of Bybit’s cold wallet on February 21, which resulted in the unauthorized transfer of over 401,000 Ether. Cybersecurity experts, including Arkham Intelligence and Elliptic, have linked the attack to the Lazarus Group, a notorious North Korean-backed cybercrime syndicate known for targeting cryptocurrency exchanges. Bybit’s bounty program seeks to mobilize the crypto community to monitor hacker activity and assist in recovering misappropriated assets.
A Community-Led Hunt for Cybercriminals
Bybit’s ‘Lazarus Bounty’ is an industry-first initiative that allows users to track hacker movements and report suspicious transactions. Announcing the program, Bybit CEO Ben Zhou urged the community to take part:
Join us on war against Lazarus – https://t.co/6DnaH1WTId
Industry first bounty site that shows aggregated full transparency on the sanctioned Lazarus money laundering activities. V1 includes:
– Becoming a bounty hunter by connecting your wallet and help tracing the fund, when…— Ben Zhou (@benbybit) February 25, 2025
The platform, which was developed in just two days, provides real-time tracking of blockchain addresses associated with the hack, with the bounty offering a 5% reward for anyone who helps freeze or recover the stolen funds.
Lazarus’ Most Audacious Hack Yet
The Lazarus Group, backed by North Korea’s intelligence services, has been responsible for some of the largest cryptocurrency heists in history. The organization has previously stolen over $3 billion in crypto, funneling funds to support North Korea’s weapons programs. Their attacks typically exploit security weaknesses in DeFi platforms and centralized exchanges, using sophisticated laundering techniques to obscure the stolen assets’ trail.
Bybit’s aggressive counteroffensive represents a significant shift in how crypto exchanges respond to such threats; rather than relying solely on law enforcement, the platform is empowering its users to play an active role in tracing and freezing stolen funds. Whether this model proves effective remains to be seen, but it marks a turning point in the industry’s fight against large-scale crypto theft.
In his message, Zhao reassured the community that all client assets remain secure and 1:1 backed, reassuring users that “Bybit is solvent even if this hack loss is not recovered.”
