On Feb. 21, 2025, Bybit, one of the major cryptocurrency exchanges, was hit by a hack that saw over $1.4 billion in assets stolen by hackers associated with North Korea’s Lazarus Group.
On Feb. 21, 2025, Bybit, one of the major cryptocurrency exchanges, was hit by a hack that saw over $1.4 billion in assets stolen by hackers associated with North Korea’s Lazarus Group. In response, Bybit CEO Ben Zhou launched a bounty program offering up to $140 million for anyone who successfully helps trace or freeze the stolen funds. The bounty program, hosted on Lazarusbounty.com, promises 5% of the stolen funds for those who track the crypto, and 10% for those who help freeze it.
The attack was traced back to Lazarus Group, which has been responsible for stealing over $3.4 billion in crypto from exchanges over the past two years. Bybit reported that some of the stolen funds have already been laundered through the eXch protocol, a Belize-based exchange known for lax KYC policies. Despite the theft, Bybit has been quick to restore its client assets, claiming it replaced the stolen funds and is now back to a 100% balance for user accounts.
Zhou’s bounty announcement comes as part of a larger effort to fight Lazarus and other malicious actors. Bybit has purchased $574 million worth of Ethereum (ETH) in the last few days through OTC platforms to help repay borrowed funds. As of writing, $4.2 million has been awarded to bounty hunters, including Binance, ZachXBT, and Mantle network, who have contributed to identifying and tracing the stolen crypto.
Bybit’s efforts extend beyond just tracking down the stolen funds. The exchange has resumed operations in India after receiving the necessary regulatory approval. The bounty program’s reward structure is designed to encourage participation, offering a 10% reward to contributors who assist in freezing the stolen funds. The initiative is seen as a way to unite the Web3 ecosystem against Lazarus, with plans to extend the bounty to other victims of the group.
This hack has been one of the largest in crypto history, surpassing the $600 million Ronin Bridge hack in 2022. Currently, $94.1 million of the stolen funds have already been laundered. However, Bybit remains committed to eliminating Lazarus and bringing accountability to those responsible for crypto thefts. The exchange is actively working on further updates to the bounty site and hopes to engage the crypto community in the effort to reclaim the stolen funds.
Bybit’s swift action in offering a bounty and taking measures to ensure it can pay back its clients highlights the growing concern over cyberattacks targeting the crypto sector. With a clear focus on transparency and collaboration, Bybit aims to set a precedent in fighting back against North Korean hackers.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
