An investigation revealed that the BingX and Phemex hacks were also connected to the same cluster as Bybit’s, confirming the threat actor’s identity as the Lazarus group.
An independent investigation into the $1.5 billion hack suffered by the Bybit cryptocurrency exchange on Friday has revealed connections to the infamous Lazarus group.

A day after the attack was disclosed by Bybit, blockchain investigator ZachXBT shared findings connecting the hack to the DPRK-backed hacking group.

“At 19.09 UTC today, @zachxbt submitted definitive proof that this attack on Bybit was performed by the Lazarus Group,” said a Saturday X post by Arkham Intelligence, the blockchain analysis firm that awarded ZachXBT a bounty for their discovery.

Bybit is the world’s second-largest cryptocurrency exchange by trading volume, with over 50 million registered users worldwide, according to a September 2024 report.

Connection confirmed by transactions prior to the attack

ZachXBT submitted a detailed analysis of test transactions and connected wallets used just before the exploit, along with multiple graphs and timing analysis, Arkham added in the X post.

Source: https://www.csoonline.com/article/3831315/bybits-1-5b-hack-linked-to-north-koreas-lazarus-group.html