Well-known expert ZachXBT has revealed that the Bybit exchange was attacked by hackers from North Korea, part of the Lazarus group.
According to ZachXBT, the hackers withdrew 5,000 ETH to a new address and started laundering the cryptocurrency through the centralized mixer eXch. They then transferred the funds to bitcoin using the Chainflip service.
An expert suggested that the hackers behind Friday's Bybit breach are the same ones who attacked the hot wallets of the Singaporean cryptocurrency exchange Phemex in January, stealing at least $70 million.
Analytical company Arkham Intelligence noted ZachXBT's contribution to identifying the attackers and awarded him 50,000 ARKM tokens. Following the incident, the company announced a reward program for those who help identify the hackers. The team of blockchain founder Justin Sun and cryptocurrency exchange OKX also participated in tracking the stolen funds.
Bybit CEO Ben Zhou reported that only one hot wallet of the exchange was compromised, while cold wallets remained untouched. Twelve hours after the hack, Zhou announced that all user withdrawal requests had been processed. The withdrawal procedure on the exchange is operating as usual: users can withdraw any amounts without delays. Bybit notified law enforcement about the hack and is conducting a large-scale security assessment.
Earlier, American law enforcement stated that North Korean hackers were responsible for the hack of the Ethereum sidechain Ronin Network in March 2022, resulting in the theft of $625 million in cryptocurrency.
