Last week, hackers stole round $1.4 billion in Ethereum cryptocurrency from crypto alternate Bybit, believed to be the most important crypto heist in historical past. Now, the corporate is providing a complete of $140 million in bounties for anybody who may help hint and freeze the stolen funds.
Bybit’s CEO and co-founder Ben Zhou introduced the bounty in a put up on X on Tuesday.
On the official website of the bounty, Bybit explains that for each time somebody traces and freezes a number of the stolen funds, 5% of that quantity goes to the one who discovered them, and 5% to the “entity” that froze mentioned funds.
At the time of writing, thanks to 5 bounty hunters, Bybit has already awarded $4.23 million in bounties, in accordance with the positioning, whose brand is a knife showing to be stabbing via the pinnacle of North Korean chief Kim Jong-un.
Contact Us
Do you might have extra details about the Bybit hack, or different crypto heists? From a non-work gadget and community, you possibly can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or through Telegram and Keybase @lorenzofb, or electronic mail. You can also contact TechCrunch through SecureDrop.
“We is not going to cease till Lazarus or dangerous actors within the business is eradicated. In the long run we are going to open it as much as different victims of Lazarus as properly,” Zhou wrote, referring to Lazarus Group, the identify that the cybersecurity business has assigned to a broad group of North Korean-backed hackers centered largely on cryptocurrency thefts.
Multiple safety researchers and crypto safety and monitoring corporations consider the hackers behind the huge Bybit heist work for the North Korean authorities, which through the years has change into very efficient at focusing on crypto exchanges and web3 corporations, stealing $650 million in crypto in 2024 alone, in accordance with the governments of the United States, Japan, and South Korea.
On Wednesday, Bybit’s Zhou revealed the preliminary outcomes of the forensic investigation into the hack, led by two corporations, Sygnia Labs and Verichains. Sygnia concluded that the “root trigger” of the assault was malicious code coming from the infrastructure of SecureWallet, a crypto pockets platform. Verichains mentioned a benign Javascript file was changed with a malicious model “particularly focusing on Ethereum Multisig Cold Wallet of Bybit.”
The two investigating safety corporations concluded that hackers breached a developer’s gadget at SecureWallet, as the corporate itself confirmed.
