• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

TronWeekly

Crypto World News

  • Home
  • Education
    • Best TRON Wallets
    • Beginner’s guide to TRON
  • Opinion
    • Tron Tokens
    • Market Analysis
  • Industry
    • Tron Exchange
    • Project Review
  • Press Release
  • Advertise
  • About us
    • The Team
    • Editorial Policy
    • Write for us
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    • Contact
You are here: Home / Archives for ByBit Hack

ByBit Hack

Kraken Blocks North Korean Hacker’s Access Attempt: Details

May 4, 2025 by Paul Adedoyin

  • Kraken exposed a North Korean hacker posing as a software engineer, uncovering discrepancies like fake identities, voice changes during interviews, and suspicious technical setups.
  • The exchange allowed the candidate to advance in interviews to gather intel on Lazarus Group’s hiring infiltration tactics.
  • Lazarus Group has stolen $650M+ from crypto firms and is now shifting focus to European targets after U.S. scrutiny following the ByBit hack.

Leading cryptocurrency exchange Kraken has announced that it recently discovered an attempt to infiltrate its platform. The official statement revealed that a North Korean hacker claimed to be a software engineer and applied for a job with the exchange.

Initially, the hiring process appeared normal, but various technical issues and irregular behaviors led to various suspicions. First, the name the intended employee used on their resume was different from they used to join the interview call.

Also, there were occasions during the interview call when the voices were changing. This suggested that the someone else was coaching them through the interview call.

Kraken further revealed that the individual method of accessing the system included a mix of mac desktops and virtual private servers (VPS), a common setup for hiding one’s physical location. Based on these suspicious behaviors, Kraken’s hiring team cross-checked the applicant’s details.

The check made them discover that the applicant’s email address was the same as one industry partners had previously identified as belonging to the North Korean hacker group (Lazarus). Using a combination of breach data, email patterns, and other open-source intelligence techniques, the Kraken red team made an in-depth probe.

Kraken Reveals Broader Plot Targeting Crypto Firms

The team discovered that the candidate was one of many fake identities on the web and had even gained employment at some other cryptocurrency firms. Despite the discovery, Kraken allowed the candidate to move to the next interview rounds.

Their aim was to gather more information on the tactics this group used in applying for jobs at crypto companies. Kraken’s chief security officer, Nick Percoco, led the final interview. Percoco asked simple questions for the candidate to verify their identity.

Such questions included knowledge about their local environment. They were also asked to provide a proper identity verification live on the interview.

However, the applicant’s responses weren’t convincing at all, which made the team confirm its previous suspicions that the application was an attempt to infiltrate the company. Data shows that the North Korean hacker group stole more than $650 million from crypto companies last year alone.

Lately, there have been reports that the group is now targeting Europe-based crypto companies since their methods have now been cast in the U.S. following the ByBit hack.

Related Reading |

Filed Under: News, Industry Tagged With: $650M crypto hack, ByBit Hack, crypto exchange security, crypto job scam, Kraken security, Lazarus Group, North Korean Hackers, social engineering, VPS hacking

U.S. Cracks Down on Cambodia’s Huione Group for $4B Crypto Money Laundering Scheme

May 3, 2025 by Mwongera Taitumu

  • Huione Group processed $98B in crypto through illicit activities.
  • U.S. Treasury links Huione to North Korean hackers and fraud rings.
  • Huione’s USDH stablecoin is designed to bypass financial controls.

The U.S Treasury Department has disconnected Cambodia’s Huione Group from the U.S financial system. The U.S sanctioned Huione Group for their involvement in crypto money laundering operations. The Financial Crimes Enforcement Network (FinCEN) states that  Huione laundered about $4 billion in crypto since 2021 which includes funds from North Korean hackers and online fraud.

Huione Group, which was established in 2014, is accused of processing $98 billion in crypto money across various illegal transaction channels. The company has faced increased scrutiny for its connection to North Korean hackers. Huione’s marketplace has become famous for criminal syndicates operations such as money laundering and stolen data.

Huione’s USDH Stablecoin, Aids CyberCrime

In January 2025, Huione launched its USDH stablecoin to bypass traditional currency restrictions. USDH is “unfreezable” unlike other stablecoins which enables it to evade measures to freeze criminal funds. Authorities have expressed concerns about the initiative because it enables criminals to transfer funds without  surveillance.

FinCEN has decided to cut off Huione’s access to the U.S. financial system because it allegedly laundered funds from North Korea’s Lazarus Group. Lazarus Group has conducted major heists such as the $1.4 billion Bybit hack earlier this year.

Additionally, Huione has processed funds from “pig butchering” online scams. The FinCEN investigation confirmed that Huione laundered $36 million worth of cryptocurrency from these scams. The Treasury Department named Huione Group as a “primary money laundering concern” because of its role in these crimes.

Huione transfers the illicit funds through its Huione Pay and Huione Crypto platforms. These platforms provide users with services such as currency exchanges and the sale of fraud tools. Huione has defied warnings from authorities and continued to offer services such as untraceable digital assets.

U.S Crackdown on Crypto Crimes

The crackdown on Huione is part of the U.S government’s initiative to curb international crypto crime. The move marks a major step in the fight against money laundering and blockchain-based financial crimes. 

The FinCEN proposal is open for public feedback for 30 days. If approved, the proposal would prevent the Huione Group from opening or holding bank accounts in U.S. firms. This regulatory move could massively disrupt Huione’s financial operations.

Filed Under: News Tagged With: ByBit Hack, cambodia, Crypto, Cryptocurrency, FinCEN, Huione, Lazarus Group, Money laundering, North Korean Hackers, U.S Treasury, USDH

eXch Exchange To Shutdown on May 1 Over Accusations of Lazarus Group Ties

April 18, 2025 by Mwongera Taitumu

Privacy-driven eXch halts operations after being accused of laundering funds for Lazarus Group from the $1.4B Bybit hack.

  • eXch to shut down on May 1 due to money laundering allegations.
  • Lazarus Group allegedly used eXch to launder $35 million.
  • Bybit recovers 89% of stolen funds after the $1.4 billion hack.

The privacy-focused cryptocurrency exchange eXch will shut down on May 1 due to money laundering accusations. eXch decided to shut down because it was accused of laundering stolen funds from the $1.4 billion Bybit hack.

eXch Exchange Announces Crypto Business Closure

The eXch team, in an statement, announced “cease and retreat” from their operations because of the accusations. The team stated that the shutdown decision followed a rumoured “”transatlantic operation” which aims to shut down the platform. The investigation claims that North Korean hackers Lazarus Group used eXch to launder $35 million from the Bybit hack.

The Czech-based exchange stressed on its position as a privacy-oriented exchange which implements minimal Know-Your-Customer (KYC) requirements. It denied plans to support criminal transactions and calrified that it an experimental project rather than a  profit-based business. Critics have labelled eXch as a “mixer” but the platform clarified that it was an instant exchange.

The exchange obtained the information from its contacts within the “state intelligence sector.” The team confirmed that the exchange was under investigation for crypto asset laundering activities. However, eXch reinforces its commitment to protect user privacy.

$1.4B Bybit Hack

The Bybit hack is one of the largest cryptocurrency thefts in history with more than  $1.4 billion in stolen funds. The hackers withdrew the stolen funds but Bybit continued to serve its customers. Bybit’s CEO Ben Zhou assured the customers that the company could compensate for the losses if the stolen funds were not recovered.

Bybit had reclaimed its lost market share as of April 10 and experts estimate that 89% of stolen funds could be traceable. The exchange has initiated protocols to freeze on substantial amounts of the stolen funds with the support of bounty hunters who received over $2 million in rewards. The exchange suffered a major financial blow from the hack despite efforts to recover the stolen assets. 

The eXch closure demonstrates the increased scrutiny on privacy-focused crypto platforms. eXch faced increased scrutiny from became law enforcement agencies and regulatory bodies. The exchange’s management expressed displeasure over being targeted by intelligence agencies despite their compliance to transparency and privacy protection standards.

Filed Under: News, Crypto Scam Tagged With: ByBit Hack, Crypto, Cryptocurrency, Lazarus Group

Bybit Recovers and Regains 7% Market Share After its Hack

April 11, 2025 by Onyi

  • Bybit has recovered its market share to about 7% from 4% after the major hack in February, which amounted to a loss of $1.4 billion.
  • Despite a significant drop in trading activities after the hack, Bybit has steadily bounced back, rebuilding trust and also stabilizing trading volumes.

Bybit has bounced back strongly after suffering a major hack in February, which resulted in a loss of about $1.4 billion. The exchange share in the crypto space has returned back to about 7%, which matches the level it held before the attack.

This recovery comes at a time when many crypto holders are becoming more cautious due to global financial uncertainty. The crypto exchange was able to achieve this level of growth and turnaround by boosting its safety measures and providing clients with better trading conditions.

In February 2024, Bybit faced a serious breach that involved one of its Ethereum cold wallets. The incident caused the platform to lose over $1.4 billion in assets, including liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and many other tokens.

After the hack happened, many holders began to sell off their assets, which caused a sharp drop in market activity. Even though the hack cost the platform a lot, Bybit has slowly recovered its position in the market as a top exchange platform.

Bybit’s Recovery After the Hack

A report from Black Scholes, a blockchain-based research platform, has shown that Bybit has been making significant and steady progress to win back users. As of late February 2025, the Bybit market price dropped from around 11% to almost 4%.

This decline in its price shows how users reacted to the hack because in that same week the market reached its lowest point. Since then, the exchange has slowly climbed back, as it has reached a high of about 6–7% as of the time of writing.

67f4f4a0bfeec7b9741582ea AD 4nXe4RZqSOyAplkQTLU2 5hhmYRheZ6wis4RRS 48daLKEyQeRldl qFmRiOyI IipBFTpcfrlrGMMpI24n32ajbzgLSRJywY7DbJyvhjKZCFYTqPk402o UOryrVTv6U2OuUijk4
Bybit Recovers and Regains 7% Market Share After its Hack 2

source: blockscholes.com

This comeback shows solid growth and improvement in overall customer trust. As market confidence slowly returns and trading volumes on the platform stabilize, it could be said that Bybit’s ability to recover could be an example of how crypto exchanges can handle big challenges while still maintaining their relevance in the crypto space.

Related Reading | XRP’s Long-Term Chart Hints at Explosive Rally, Analyst Eyes $30 Target

Filed Under: News, Crypto Scam, Opinion Tagged With: ByBit Hack

Bitcoin Mixers Used in $1.4B Bybit Hack: 88.87% of Funds Still Traceable

March 21, 2025 by Arslan Tabish

  • Bybit CEO reveals hacker used Bitcoin mixers to launder $1.4B in stolen funds, with 88.87% traceable.
  • A 440,091 ETH was converted into 12,836 BTC and dispersed across 9,117 wallets via BTC mixers.
  • Bybit calls for more bounty hunters to help decode BTC mixer transactions and recover stolen funds.

The Bybit CEO, Ben Zhou, gave an update regarding the investigation of the funds that were stolen in the recent hack that targeted the exchange. In an X post, Zhou provided some details about the investigation and stated that the hacker used Bitcoin mixers to cash out 500k Ether and about $1.4 billion in assets in total. Currently, the investigators can track down $ 88.87% of stolen money while 7.59% of the funds are untraceable and 3.54% have been frozen.

3.20.25 Executive Summary on Hacked Funds:
Hacker started to use BTC mixers: 1. Wasbi 2. CryptoMixer 3. Railgun 4. TornadoCash
Total hacked funds of USD 1.4bn around 500k ETH. 88.87% remain traceable, 7.59% have gone dark, 3.54% have been frozen.
Breakdown: – 86.29% (440,091…

— Ben Zhou (@benbybit) March 20, 2025

Bitcoin Mixer Used for Laundering

Zhou elaborated that 86.29% of the stolen funds, which are about 440,091 ETH ($1.23 billion) was exchanged into 12,836 BTC and spread across 9,117 wallets. The spread in the number of Bitcoin per wallet is approximately 1.41. Zhou went further and explained that the said hacker had employed BTC mixers like Wasabi, CryptoMixer, Railgun, and TornadoCash. Particularly, 193 BTC were sent through Wasabi Mixer and after that the money was divided to P2P marketplaces.

The use of Bitcoin mixer has greatly hindered the tracking of stolen money. This decoding the communications of the organisers is the biggest problem facing investigators. While the use of mixers becomes more popular, Bybit’s security team is asking the community to join them in deciphering these types of transactions. Zhou appealed to anyone or any organization with expertise in tracing the stolen money to help in the freezing of any remaining money.

Bounty Reports and Challenges

The amount of bounty reports received in the last 30 days was 5,012, with only 63 of those identified as valid. To which Zhou emphasized on the need for more involvement of people in the community as more bounty hunters are required to decode mixer transactions. The form of bounty hunters that prevents the commission of cybercrimes on the platform is a significant aspect especially in the process of recovering the stolen assets.

However, the misuse of mixer to clean the stolen funds has presented the following challenges Despite this, the funds are still somewhat traceable. While Bybit’s security team investigates the flow of funds it has taken, Zhou urges both the general populace of crypto enthusiasts and the professionals in the field to participate in aiding in the funds recovery process.

This update also reveals some of the problems that exchanges are having with cases of cybercrimes and the increasing sophistication of the methods of tracking stolen Bitcoins such as use of Bitcoinmixers.

Filed Under: News Tagged With: Bitcoin, btc, BTC Mixer, ByBit Hack, Crypto news, TornadoCash, Wasabi

Crypto Exchange OKX Refutes Allegations of EU Scrutiny Over Bybit Hack

March 12, 2025 by Sheila

  • OKX under EU investigation after Bybit claims hackers laundered $100M via Web3.
  • OKX denies EU probe, says it froze funds and blocked hackers’ addresses after Bybit hack.
  • EU regulators debate if MiCA rules should apply to OKX’s Web3 service amid concerns.

Crypto exchange OKX has publicly denied claims that its platform is under investigation by European regulatory bodies. OKX denied the claims of investigation following Bloomberg’s reporting that authorities scrutinized its Web3 wallet services for laundered funds linked to the $1.5 billion Bybit exchange breach.

EU Regulators Assess Web3 Compliance Under MiCA

Bloomberg’s March 11 report detailed how European regulators were allegedly investigating OKX’s Web3 service. The report claimed that hackers linked to the North Korean Lazarus Group had used OKX’s platform to launder approximately $100 million in funds stolen from Bybit. According to the sources cited by Bloomberg, the European Securities and Markets Authority (ESMA) and national regulators from Austria and Croatia were considering whether OKX’s Web3 platform should fall under the EU’s Markets in Crypto-Assets (MiCA) regulations.

However, OKX responded swiftly, calling the report misleading. The exchange stated it was not under investigation and rejected the claims that its platform was involved in illicit activities. OKX emphasized its commitment to helping Bybit track and implement security measures to block the hackers’ addresses and froze associated funds moving into its platform.

image 52
Source; OKX

The crypto exchange stated that its wallet service operates as an aggregator through its swap function and self-custody wallet service, enabling user efficiency. After the Bybit hack, the company claims it took action by freezing brokered exchange funds on its centralized exchange (CEX) and developing system functionality to identify and prevent hackers’ access to decentralized exchange (DEX) and wallet services.

National authorities from Croatia and Austria claim that OKX should follow EU financial requirements for Web3 services because these services merge with their centralized trading platform. Some stakeholders proposed that MiCA should not control decentralized services, while others advocated for MiCA to extend its authority to all services. Malta, which previously granted the crypto exchange a MiCA pre-authorization, is also reviewing whether the exchange remains compliant.

Crypto exchange OKX Rejects Money Laundering Allegations

Bybit CEO Ben Zhou previously alleged that hackers laundered approximately $100 million through OKX’s Web3 wallet service following the exploit on Bybit’s platform. In its response, OKX also refuted accusations from Bybit that it had been complicit in laundering stolen funds.

In a social media statement, OKX Global Chief Marketing Officer Haider Rafique reaffirmed that the company has been transparent with regulators and does not facilitate illicit activities. He described any suggestion that the Crypto exchange was complicit in laundering stolen funds as “preposterous.”

image 54
Source; Haider

The exchange asserted that Bybit’s statements were spreading misinformation about their role in the security vulnerability. OKX stated that the ongoing security issues and vulnerabilities were due to Bybit’s lack of security measures and not any failure on the crypto exchange’s part. The company clarified that its platform had reacted by freezing the funds involved in the hack and developing new features to block hackers’ addresses from accessing its services.

Bybit’s CEO Ben Zhou reported that over $200 million of the $1.46 billion stolen from the exchange has become untraceable due to the use of mixing services. About 20% of the stolen money was obtained from Ethereum through THORChain before being converted into Bitcoin despite the platform receiving criticism for failing to stop DPRK-backed hackers. Zhou reported that 77% of the stolen digital currencies can still be tracked across multiple platforms despite recent losses of the total stolen funds.

Filed Under: News, Cyber Security, Industry Tagged With: ByBit Hack, crypto exchange, European regulation, OKX

Bybit Hackers Launder $480M in ETH Through Bitcoin, Largely Using ThorChain

February 28, 2025 by Bena Ilyas

MetaMask Head of Security Taylor Monahan confirmed that Bybit hackers transferred at least 209,384 ETH, valued at approximately $480 million, onto Bitcoin. This accounts for over half of the 400,000 ETH stolen from Bybit, excluding other drained tokens. The movement of funds has complicated efforts to recover them.

Arkham Intelligence reported that at least $240 million of the stolen funds were laundered using THORChain. The stolen crypto was predominantly swapped for Bitcoin. The FBI later confirmed that North Korea’s Lazarus Group was responsible for the attack, citing their use of TraderTraitor actors to disperse funds across thousands of blockchain addresses.

ALERT: LAZARUS LAUNDERING THROUGH THORCHAIN – MINIMUM $240M SO FAR

Over $240M of ETH has been sent through Thorchain by Lazarus-tagged wallets on Arkham.

These funds have mainly been swapped for native BTC. pic.twitter.com/C1EYtj6aFw

— Arkham (@arkham) February 27, 2025

Ethereum security experts highlighted that tracking this $1.5 billion hack is particularly difficult due to the thousands of separate transactions that obscure the trail. Pseudonymous researcher SomaXBT noted on X that tracing small portions of the stolen funds is extremely challenging due to the hackers’ sophisticated methods.

Bybit Hackers Launder $250M ETH

Bybit’s CEO, Ben Zhou, assured users their funds remained safe despite withdrawal congestion. The exchange received support from Binance and other crypto entities, which helped retrieve and freeze stolen assets. THORChain blacklisted hacker-linked addresses but could not entirely prevent laundering efforts due to its decentralized nature.

While some stolen funds were recovered, the hackers managed to clean a significant portion, with at least 100,000 ETH ($250 million) laundered. Blockchain analytics firms, including Chainalysis and Elliptic, have been monitoring the fund movements, leading to the freezing of approximately $82.85 million in stolen assets.

Chainalysis confirmed that $40 million had been seized, but reports indicate that the hackers still control a substantial amount of ETH. This amount surpasses the holdings of prominent figures like Ethereum co-founder Vitalik Buterin. The situation remains fluid as authorities and Bybit continue to track and recover stolen funds.

ThorChain’s Role and Market Impact

Authorities and blockchain analytics firms like Chainalysis and Elliptic have tracked the funds. So far, $40 million has been seized, and $42.85 million was frozen through coordinated efforts. Despite these recoveries, reports suggest that hackers still hold a substantial amount of ETH, exceeding the holdings of notable figures like Ethereum co-founder Vitalik Buterin.

A coordinated effort led to the freezing of $42.89M in just one day. Thanks to the following teams for their swift action: @Tether_to: Flagged address and froze 181K USDT @THORChain: Blocked the blacklist @ChangeNOW_io: Froze 34 ETH @FixedFloat: Froze 120K USDC + USDT…

— Bybit (@Bybit_Official) February 23, 2025

Monahan revealed that the hackers used 3,934 transactions over 115 hours to bridge 161,490 ETH ($370 million) through THORChain. The accounts for most of the ETH converted into Bitcoin. eXch, another bridge used, disabled ETH and ERC-20 swaps, limiting the hackers’ ability to move funds further.

Bybit has offered a 5% bounty to exchanges, bridges, and mixers that help freeze stolen funds and a 10% reward for returning the assets. Despite efforts to curb laundering, ThorChain saw its highest trading volume of $737 million in one day, largely driven by the hackers’ activity.

ThorChain’s native token, RUNE, peaked at $1.60 since the attack but remains below its all-time high of $19.30. Community members criticized ThorChain for failing to prevent laundering, while others argued that its transparency helped track transactions. The situation continues to unfold as authorities work to recover more stolen funds.

Read More: Bitcoin Under Pressure as Bybit’s $1.48B Hack Sparks Market Panic

Filed Under: News, Altcoin News Tagged With: Bitcoin, ByBit Hack, Cryptocurrency, Ethereum, THORChain

Bybit Hack: Mirana Ventures Injects $600M in ETH After $1.5B Breach

February 27, 2025 by Bena Ilyas

  • Bybit lost $1.5B in ETH-based tokens; Mirana Ventures injected $600M to stabilize holdings.
  • Mirana Ventures sold $500M BTC and $100M USDT to secure funds via FalconX, Galaxy, and Wintermute.
  • Bybit recovered $700M Ethereum in 48 hours, ensuring 1:1 client asset backing.

Bybit, a leading cryptocurrency exchange, recently suffered a major security breach, resulting in a loss of approximately $1.5 billion in ETH-based tokens. Mirana Ventures, a firm linked to Bybit’s co-founders, stepped in with a significant $600 million Ethereum deposit to help restore the exchange’s holdings and mitigate the financial impact of the hack.

Arkham Intelligence reported on February 26 that Mirana Ventures deposited the funds over three days, making it the largest Ethereum depositor since the incident. Mirana Ventures sold $500 million worth of Bitcoin (BTC) and $100 million worth of Tether (USDT) through FalconX, Galaxy Digital, and Wintermute OTC to secure these funds. These strategic transactions allowed Bybit to replenish its Ethereum reserves without causing major market disruptions.

BYBIT HACK UPDATE: $600M OUT OF $1.5B ETH BOUGHT AND SENT TO BYBIT

$600M of ETH has been deposited to Bybit in the past 3 days by Mirana Ventures – making them the largest ETH depositor after the hack.

Mirana Ventures appears to have acquired this ETH by selling $500M BTC and… pic.twitter.com/Cmx4oP0GG8

— Arkham (@arkham) February 25, 2025

ETH Acquisition Without Market Fluctuations

After the hack, Mirana Ventures played a crucial role in acquired Ethereum by liquidating assets and swiftly transferring the funds to Bybit. This move helped slow the pace of withdrawals and restored some confidence in the exchange’s liquidity. Before this, crypto exchange had secured a bridge loan to protect customer assets and ensure withdrawal requests could be met.

Investigations into the hack suggest that the North Korean hacker group Lazarus Group may be responsible. The attackers deployed advanced malware to breach Bybit’s security systems and moved stolen Ether across multiple addresses, complicating recovery efforts. Authorities and cybersecurity experts continue to track the stolen funds.

Gkp J2gXMAAx3t6
Source: X

Bybit’s Response and Future Measures

Following the hack, firm immediately strengthened security and reassured users. The exchange secured a bridge loan to facilitate withdrawals and maintain customer trust. With the additional Ethereum deposits from Mirana Ventures, firm has significantly reduced its shortfall and stabilized operations.

Bybit implemented immediate measures to address security flaws and protect user funds. The exchange secured additional funding through OTC deals and institutional loans, recovering nearly $700 million worth of Ethereum within 48 hours. CEO Ben Zhou reassured users that firm has fully restored its 1:1 client asset backing, strengthening trust in its platform.

The exchange hack highlights the persistent security threats faced by cryptocurrency exchanges. However, Mirana Ventures’ swift financial intervention and proactive recovery measures ensured that the exchange remained operational. As the investigation continues, the focus shifts toward strengthening security protocols to safeguard digital assets against future cyber threats.

Read More: Bybit Resumes Operations in India After Meeting Regulatory Requirements

Filed Under: News, Altcoin News Tagged With: Bybit, ByBit Hack, Ethereum

North Korea’s Lazarus Group Tied to Bybit Hack and Solana Memecoin Scandals

February 24, 2025 by Sheila

  • Lazarus Group laundered $1.08M from Bybit hack via Solana, linked to memecoin scams.
  • ZachXBT traces $1.4B Bybit hack funds to Solana, connecting Lazarus Group to scams.
  • Lazarus Group’s involvement in Bybit hack also extends to $29M Phemex breach and scams.

Lazarus Group Linked to Bybit Hack and Solana Memecoin Scams, Investigation Reveals. On February 23, 2025, on-chain investigator ZachXBT published findings connecting North Korea’s Lazarus Group to the massive $1.4 billion Bybit hack on February 21, 2025. The report also ties the group to recent memecoin scams on Solana’s Pump.fun platform. ZachXBT’s analysis highlights a complex laundering operation involving stolen funds from the Bybit exploit.

The investigation shows that on February 22, 2025, the attacker received $1.08 million from the Bybit hack. This amount moved to a wallet address, 0x363908df2b0890e7e5c1e403935133094287d7d1, which bridged the funds as USDC to Solana. 

After splitting between numerous wallets, several of the addresses had previously been associated with memecoin scams. Through its analysis, ZachXBT identified more than 920 cryptocurrency addresses involved in the hack, with Lazarus Group identifying involvement with Pump.fun memecoin launches.

image 238 5
Source: ZachXBT

Bybit Hack Funds Laundered Through Solana Memecoin Platforms

The analysis from ZachXBT shows Lazarus Group used the stolen Bybit funds through multiple laundering transactions. The $1.08 million USDC bridged from Solana to Binance Smart Chain (BSC) divided across more than 30 addresses through a programmed mechanism. The address 0x0beb8b5f899a15ed5e6be5c597f88b2c7d5b3a collected funds before it returned the assets to Solana. The funds were distributed by a few wallets that sent $106,000 USDC to ten Solana addresses which belonged to coin scammers.

The investigator noted that Lazarus Group launched meme coins through Pump.fun only 15 hours before public disclosure. The observed activities show that the cybercriminals utilized the platform to cover up the source of their stolen money. The exchanged funds were moved to different exchanges, which complicated tracking and detection efforts. ZachXBT retained undisclosed to prevent interference, however, ZachXBT validated the release of wallets from analytics tools.

Lazarus Group’s Broader Crypto Attack Patterns

ZachXBT’s findings extend beyond the Bybit hack. The same Lazarus Group wallets linked to this exploit also connect to the $29 million Phemex hack in January 2025. This pattern indicates a consistent strategy of targeting cryptocurrency platforms and laundering funds across blockchains like Solana and BSC.

The report underscores the group’s role in Solana’s recent memecoin scams, including rug pulls on Pump.fun. These scams have damaged investor trust in Solana, with high-profile cases like the Libra token rug pull, where insiders allegedly drained over $107 million. Such incidents have contributed to a decline in Solana’s user activity, with active addresses dropping to 9.5 million in February 2025, down from 15.6 million in November 2024.

The investigation highlights the challenges blockchain networks face in combating sophisticated cyber threats. Lazarus Group’s actions reveal a growing trend of exploiting decentralized platforms for money laundering, impacting the broader crypto industry’s security and stability.

Filed Under: News, Crypto Scam Tagged With: ByBit Hack, North Korea, Solana Memecoins

Bitcoin (BTC) Holds Strong at $96K as Bybit Hack Fears Fade, Eyes $106K Breakout

February 22, 2025 by Usman Zafar

  • Bitcoin dipped after reports of a Bybit security breach but held support at $96,000.
  • Bybit reassured users with $16 billion in reserves, easing market fears.
  • A falling wedge pattern suggests a potential breakout toward $106,000.

Bitcoin (BTC) faced volatility after reports of a security breach at Bybit, leading to a price dip. However, the flagship cryptocurrency remains resilient, holding above the crucial $96,000 support level, suggesting that the market may have overreacted to the news.

Bitcoin recently showed some solid movement, bouncing back from a dip at around $93K and quickly shooting up to hit a high of $99.5K. It looked like the bulls were in control, but the Bybit hack sent shockwaves through the market. The fear it triggered caused BTC to drop, wiping out those gains and adding a layer of uncertainty.

Bybit Hack Sparks Market Fear, But Fundamentals Remain Strong

The sudden downturn came after reports of a Bybit security breach surfaced, triggering short-term panic selling. Despite the concerns, Bybit reassured users that all client assets are 1:1 backed, with the exchange holding a substantial $16 billion in reserves, more than enough to cover any losses. This confirmation helped ease fears, preventing further downside pressure on BTC.

At the time of writing, BTC is trading at $96,624, marking a 2.29% decline over the past 24 hours. The trading volume surged to $57.61 billion, reflecting heightened market activity, while BTC maintains a $1.91 trillion market cap.

BTC 1D graph coinmarketcap 1
Bitcoin (BTC) Holds Strong at $96K as Bybit Hack Fears Fade, Eyes $106K Breakout 9

Bullish Signals Emerging, Bitcoin Rebound to $106K Possible

Despite the sell-off, technical indicators suggest that bulls are still in control. A falling wedge pattern, a historically bullish formation, is currently in play. If buyers continue to defend the $96K support, BTC could see a significant rally toward the next major resistance at $106,000.

image 227 9
Bitcoin (BTC) Holds Strong at $96K as Bybit Hack Fears Fade, Eyes $106K Breakout 10

Market sentiment remains cautiously optimistic, with traders eyeing a potential reversal in the coming sessions. If BTC breaks out of the falling wedge, it could trigger renewed buying pressure, pushing prices higher.

For now, BTC remains at a critical juncture, with bulls holding the line. A decisive move above resistance levels could confirm the next leg of the rally.

Related | Franklin Templeton’s EZPZ ETF Expands Crypto Investment Access

Filed Under: News, Bitcoin News Tagged With: Bitcoin Price Analysis:, Bitcoin Price Prediction, BTC Bullish Breakout, ByBit Hack

Primary Sidebar

Recent Posts

  • Solana Price Prediction: SOL Aims to Reclaim $175 to Ignite a New Rally May 19, 2025
  • 3 Underrated Coins with Explosive 2025 Potential: Best Cryptos to Buy in May 2025 May 19, 2025
  • SUI Targets $4.00 in Short Term—Is a New All-Time High Next? May 19, 2025
  • Tornado Cash and Samourai Wallet Defense Accuses Prosecutors of Withholding Crucial Evidence in Protocol Cases May 19, 2025
  • Dogecoin (DOGE) Breakout Brewing—Will It Hit $0.306 Soon? May 19, 2025

Footer

News

  • Altcoin News
  • Bitcoin News
  • Blockchain
  • Tron News
  • World

Digest

  • Meet the Founder
  • Price Winning Article
  • DeFi
  • Cyber Security
  • Crypto Scam

Industry

  • Project Review
  • Technology
  • Fintech
  • Tron Exchange
  • New in Town

Tron Universe

  • Event and Tron Parties
  • New in Town
  • Tron Tokens

Follow Us

Subscribe US

Copyright © 2025 · Tron Weekly. All Rights Reserved. NOTE: Tron Weekly is an independent crypto news site that adheres to the strict journalism policy anchored on transparency, trust, and objectivity, we have no affiliation with the TRON Foundation, its founder Justin Sun or any other cryptocurrency firm.