Final week, hackers stole around $1.4 billion in Ethereum cryptocurrency from crypto exchange Bybit, believed to be the most important crypto heist in historical past. Now the corporate is providing a complete of $140 million in bounties for anybody who may also help hint and freeze the stolen funds.
Bybit’s CEO and co-founder Ben Zhou announced the bounty in a publish on X on Tuesday.
On the official site of the bounty, Bybit explains that for each time somebody traces and freezes among the stolen funds, 5% of that quantity goes to the one that discovered them and 5% goes to the “entity” that froze mentioned funds.
On the time of writing, thanks to 5 bounty hunters, Bybit has already awarded $4.23 million in bounties, in response to the positioning, whose emblem is a knife showing to be stabbing by the top of North Korean chief Kim Jong-un.
Contact Us
Do you’ve gotten extra details about the Bybit hack, or different crypto heists? From a non-work machine and community, you’ll be able to contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or through Telegram and Keybase @lorenzofb, or email. You can also contact TechCrunch through SecureDrop.
“We won’t cease till Lazarus or unhealthy actors within the business is eradicated. Sooner or later we’ll open it as much as different victims of Lazarus as nicely,” Zhou wrote, referring to Lazarus Group, the title that the cybersecurity business has assigned to a broad group of North Korean-backed hackers targeted largely on cryptocurrency thefts.
A number of safety researchers and crypto safety and monitoring companies believe the hackers behind the massive Bybit heist work for the North Korean government, which through the years has turn out to be very efficient at concentrating on crypto exchanges and web3 corporations, stealing $650 million in crypto in 2024 alone, according to the governments of the United States, Japan, and South Korea.
On Wednesday, Bybit’s Zhou published the preliminary results of the forensic investigation into the hack, led by two corporations, Sygnia Labs and Verichains. Sygnia concluded that the “root trigger” of the assault was malicious code coming from the infrastructure of SafeWallet, a crypto pockets platform. Verichains mentioned a benign JavaScript file was changed with a malicious model “particularly concentrating on Ethereum Multisig Chilly Pockets of Bybit.”
The 2 investigating safety corporations concluded that hackers breached a developer’s machine at SafeWallet, as the company itself confirmed.
