Less than a week after over $1.4 billion in assets were stolen from Bybit, the exchange’s CEO, Ben Zhou, has vowed to take action against those responsible.
Zhou announced a new initiative targeting the North Korean-affiliated Lazarus Group, the hackers behind the 21 February attack.
Through a new bounty website, Lazarusbounty.com, Bybit is offering a reward of 5% of any frozen stolen funds, with successful interceptions potentially earning up to 10%—a sum that could reach $140 million.
Blockchain investigator ZachXBT provided crucial evidence linking Lazarus to the hack, which involved the theft of liquid-staked Ether, Mantle Staked ETH (mETH), and other ERC-20 tokens.
Despite the attack, Bybit assured users on 23 February that it had replenished the stolen crypto, restoring a 1:1 ratio on client assets.
While some firms offer bounties to hackers in exchange for the return of stolen funds, Zhou’s call to eliminate Lazarus could make Bybit a target for future attacks.
The platform is also working with a security alliance to ensure the integrity of its response, with positive contributions already reported from stablecoin issuers like Tether and Circle.
LazarusBounty.com serves as a comprehensive security hub, aggregating data from prominent blockchain firms like Chainalysis, Arkham, and GoPlus.
This real-time repository equips investigators and the wider community with essential tools to detect, analyse, and combat illicit activities.
The platform also mobilises leading blockchain forensic experts, including ZachXBT and Yu Xian of SlowMist, to conduct thorough investigations following significant breaches.
These specialists employ advanced forensic tools to trace stolen assets, identify perpetrators, and collaborate with law enforcement and impacted platforms.
Designed as a proactive deterrent against cybercrime, LazarusBounty.com enhances the industry's capacity to respond to emerging security threats.
Created in just two days due to the urgency of the situation, Zhou announced plans to release an updated version of the platform with improved functionality and design.
He also expressed openness to user feedback and suggestions for further refinement.
To participate in the hack bounty programme, users must connect their wallet to assist in tracing stolen funds.
Contributors who successfully help freeze illicit assets will receive an upfront reward of 5%.
Bybit also plans to add a live update feature, allowing participants to track the latest wallet balances and claim ownership of specific wallets for a designated period.
Additionally, LazarusBounty.com features a bounty leaderboard that tracks and rewards users based on their success in recovering stolen funds.
The platform recognises and catalogs verified intelligence from security researchers and ethical hackers who expose cybercriminals.
An automated notification system promptly alerts exchanges and platforms, enabling them to freeze stolen funds before they can be laundered.
To further bolster security, Bybit has formed a security advisory board consisting of chief security officers from leading blockchain networks.
This decentralised council works collaboratively to improve security protocols, share intelligence, and strengthen protective measures across the crypto ecosystem.
The launch of Bybit’s hack bounty programme aims to unite the Web3 ecosystem in combating the North Korea-affiliated hackers who have stolen over $3.4 billion in the past two years, according to Chainalysis.
Despite this substantial loss, Zhou reassured users about the platform’s financial health, confirming that all client assets remain fully backed 1:1, with unaffected wallets and withdrawals continuing to function normally.
Bybit is actively collaborating with blockchain forensic experts to trace the stolen funds and has already recovered some of the lost assets.
To prevent future breaches, the exchange is undergoing a thorough review and enhancement of its security protocols, including advanced authentication measures, regular audits, and user education on asset protection.
As tensions rise, the key question remains: Will this crowdsourced initiative meet its ambitious goals, or fall short?
This article introduces 11 spot Bitcoin ETFs approved in 2024 to help investors choose suitable investment tools and easily enter the cryptocurrency market.
AlexMeta Spark will shut down on January 14, 2025, ending its platform for third-party AR creation and removal of user-generated AR content from Instagram, Facebook, and Messenger. Meta is shifting its focus to AI and the metaverse, leaving AR developers to find new platforms like Snapchat's Lens Studio or Unity.
WeatherlyTelegram CEO Pavel Durov is under investigation in Switzerland for alleged child abuse, following a complaint by his former partner, Irina Bolgar. These accusations, involving unpaid child support and custody issues, surfaced after his recent arrest in France. Durov is out on $5.5 million bail but remains under judicial supervision.
CatherineThe SEC issued a Wells notice to OpenSea, claiming certain NFTs on its platform may qualify as securities, marking a significant regulatory shift towards the NFT sector. OpenSea’s CEO, Devin Finzer, responded by defending the creative freedom of artists and announcing a $5 million legal fund to support NFT creators.
WeatherlyChinese hackers are suspected to have exploited a zero-day vulnerability in Versa Director, software used by ISPs to secure networks, compromising several internet companies in the US and abroad.
KikyoJapanese Prime Minister Fumio Kishida announced plans for Japan to lead in Web3 innovation, highlighting supportive tax reforms and regulatory measures to foster blockchain startups. He also proposed a legal framework for DAOs and emphasised using Web3 technologies to address societal challenges and enhance economic growth.
AnaisHamster Kombat, Telegram's top tap-to-earn game, will launch its HMSTR token on The Open Network (TON) on 26 September, with an airdrop for players the same day. Experts predict it could surpass Notcoin's success.
CatherineHugo Hyungsoo Lee, CEO of Haru Invest, was stabbed in court by a man upset over the company's alleged fraud, which led to a suspension of $1.05 billion in customer deposits. The attack highlights the severe personal and financial repercussions of financial misconduct in the cryptocurrency sector.
AnaisMeta is reportedly developing sleek, mixed-reality glasses, codenamed "Puffin," set for a 2027 release, offering a more streamlined alternative to the heavy headsets that have yet to gain widespread traction.
KikyoFrench football star Kylian Mbappé's X (formerly Twitter) account was hacked on August 29, 2024, to promote a scam cryptocurrency, $MBAPPE, which skyrocketed in value before crashing, leading to significant financial losses for unsuspecting investors.
Joy
