The notorious North Korean Lazarus Group has once again shaken the crypto industry, moving large sums of stolen funds following the record-breaking $1.4 billion Bybit hack. On Feb. 22, onchain analytics firm Lookonchain reported that the hackers transferred 10,000 Ether (ETH), valued at $27 million, to a wallet labeled “Bybit Exploiter 54” in an attempt to launder the funds.
Bybit hacker(from Lazarus Group) has transferred 10,000 $ETH($27M) to Bybit Exploiter 54 and began laundering funds.
— Lookonchain (@lookonchain) February 22, 2025
Bybit hacker currently holds 489,395 $ETH($1.32B) and 15,000 cmETH(unable to withdraw) in 53 other wallets. pic.twitter.com/mkeTec5gfR
Massive Fund Movements and Stolen Reserves
According to blockchain investigator ZachXBT, the Lazarus Group currently holds 489,395 ETH, valued at over $1.3 billion, along with 15,000 Mantle Restaked ETH (cmETH) across 53 different wallets. Onchain data from Etherscan reveals that the hackers have been actively shifting funds, conducting over 83 transactions between wallets in an eight-hour period.
The latest transaction from Bybit Exploiter 54, recorded at 01:23:47 PM UTC on Feb. 22, saw 66 ETH—worth approximately $182,831—transferred to a wallet ending in “CE9.” These continuous movements suggest the group is attempting to obfuscate the stolen assets and avoid detection.
Bybit’s Recovery Efforts Gain Momentum
Despite the scale of the exploit, Bybit has made swift progress in its recovery efforts. Polygon’s Chief Information Security Officer, Mudit Gupta, confirmed that approximately $43 million in stolen assets have already been recovered, thanks to collaboration between Mantle, SEAL, and mETH teams.
Additionally, Tether CEO Paolo Ardoino announced that the stablecoin issuer froze 181,000 USDT linked to the hack on Feb. 22, preventing further laundering of stolen funds.
We just froze 181k USDt connected to the ByBit hack.
— Paolo Ardoino 🤖 (@paoloardoino) February 22, 2025
Might not be much but it's honest work.
We keep monitoring.
Kudos to @zachxbt
Bybit Launches $140 Million Bounty Program
In a bold move to accelerate fund recovery, Bybit has introduced a bounty program, offering up to 10% of the stolen assets—equating to $140 million—to those who contribute to tracking and reclaiming the funds. The initiative has been widely praised within the crypto industry, with experts commending Bybit’s transparency and crisis management.
CEO Ben Zhou reassured users that withdrawals have resumed at a normal pace, emphasizing that customers can withdraw any amount without delays. Independent audits by Hacken further confirmed that Bybit’s reserves remain fully backed, ensuring user funds are secure.
Also Read: Bybit’s Ether Reserves Recover 50% Post-Hack Following $295M ETH Purchase
As the Lazarus Group continues its laundering efforts, the crypto community remains vigilant in tracking the stolen assets and supporting Bybit’s ongoing recovery mission.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
About The Author
