In a shocking incident reported last week, cybercriminals successfully executed what is believed to be the largest cryptocurrency heist in history, stealing approximately $1.4 billion in Ethereum from the Bybit exchange. In response to this audacious breach, Bybit has announced a generous bounty programme, offering up to $140 million for information leading to the tracing and freezing of the stolen assets. This initiative was disclosed by Ben Zhou, the CEO and co-founder of Bybit, via a social media post.
Bybit’s bounty system operates such that for each instance of successfully tracking and freezing stolen funds, both the discoverer and the entity that secured the funds will receive a reward of 5% of the total recovered amount. To date, bounty hunters have reportedly earned $4.23 million from Bybit as a result of their efforts.
The exchange has set up a dedicated site for the bounty, featuring a logo controversially depicting a knife piercing through North Korean leader Kim Jong-un’s head, underscoring the speculation that the hackers are linked to the notorious Lazarus Group. This group is widely known for its connections to North Korean state-sponsored cyber activities and has been implicated in various significant cryptocurrency thefts.
Security experts believe that the Bybit breach was orchestrated by North Korean hackers who are increasingly targeting cryptocurrency platforms—evidenced by the theft of $650 million from exchanges and web3 companies this year alone, as reported by several governments including those of the United States, Japan, and South Korea.
Preliminary findings from the forensic investigation led by Sygnia Labs and Verichains point to a cyberattack originating from malicious code within the infrastructure of SafeWallet, a crypto wallet service. Investigators uncovered that a benign JavaScript file had been tampered with to target Bybit’s Ethereum Multisig Cold Wallet, which facilitated the theft.
Furthermore, it has been confirmed that the hackers infiltrated a developer’s device at SafeWallet, allowing them to compromise security measures and execute the heist. Bybit’s ongoing commitment to retrieving the stolen funds reflects its broader stance against criminal actors within the blockchain ecosystem, with Zhou emphasising the exchange’s determination to pursue justice and support other victims of Lazarus Group’s thefts in the future.
In summary, while Bybit grapples with the aftermath of one of the most significant security breaches in the cryptocurrency sector, its bounty initiative serves as a call to action for the community, urging collaboration in the fight against cybercrime.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
