NAIROBI, Kenya – The digital cat-and-mouse game between North Korean hackers and crypto security experts just took a turn for the worse.
At least $300 million of the staggering $1.5 billion stolen from crypto exchange ByBit has already been laundered, slipping out of reach for good.
The masterminds? The Lazarus Group, a notorious hacking syndicate with deep ties to the North Korean regime.
Their latest heist is not just about money—experts believe these stolen funds could be financing the country’s military and nuclear ambitions.
🕵️ Bybit’s $140M Crypto Bounty! In response to a recent security breach, Bybit has announced a $140M bounty to track down the culprits behind a major crypto heist. 🔹 Largest bounty in crypto history 🔹 A strong move to combat rising cyber threats in Web3 Could this set a new…
Tracking and freezing the funds has become a global effort, with ByBit launching a public bounty to trace the stolen crypto.
But with time on their side, Lazarus hackers are working around the clock to erase the digital money trail before authorities can stop them.
How Did They Pull Off a $1.5B Crypto Theft?
The hack was as audacious as it was sophisticated. On February 21, the attackers infiltrated one of ByBit’s third-party service providers, secretly altering a transaction address.
When 401,000 Ethereum (ETH) coins were supposed to be transferred to ByBit’s digital wallet, they were instead redirected—straight into the hands of Lazarus.
By the time ByBit caught on, it was too late. The funds had already started moving across blockchain networks, bouncing between wallets in a classic laundering operation.
In response, ByBit CEO Ben Zhou assured users that customer funds were safe, with the firm replenishing stolen assets through loans from investors.
But Zhou has made it clear: this isn’t over. ByBit has declared war on Lazarus, offering bounties to those who help trace and freeze the stolen money.
The High-Stakes Crypto Laundering Game
Every crypto transaction is public, meaning security experts can watch the stolen money move in real time. The challenge? Lazarus hackers are experts at covering their tracks.
“They are the best in the world at laundering crypto,” says Dr. Tom Robinson, co-founder of Elliptic, a blockchain analysis firm.
He believes Lazarus operates with near-military precision, working in shifts to convert stolen crypto into cash before authorities can catch up.
The strategy is simple but effective:
- Move stolen funds through thousands of wallets to obscure their origin.
- Use crypto mixing services to make tracing nearly impossible.
- Cash out through exchanges—some of which, like eXch, have been accused of turning a blind eye.
Despite global efforts, 20% of the stolen funds—roughly $300M—have now gone “dark”, meaning they are effectively unrecoverable.
Crypto’s Growing Security Problem
This isn’t Lazarus Group’s first major crypto heist—and it won’t be the last. North Korea has been using cybercrime to fund its regime for years, with Lazarus pulling off some of the largest crypto hacks in history:
- 2019: $41M stolen from UpBit.
- 2020: The U.S. places Lazarus members on its Cyber Most Wanted list.
- 2022: A $600M attack on Ronin Bridge.
- 2023: $100M stolen from Atomic Wallet.
While major crypto platforms like ByBit are actively fighting back, the industry still lacks strong protections against state-sponsored cybercrime.
Experts warn that until exchanges implement stricter security measures, Lazarus will keep striking—one blockchain at a time.