Lazarus Group identified in $1.5b Bybit hack: Arkham

The survey shared the pirates exploited Ethereum de Bybit (Ethn) Multisig cold wallet during a routine transfer to the hot exchange portfolio.

The attackers manipulated the signature interface, which displayed the address of the correct portfolio while modifying the underlying intelligent contractual logic.

The CEO of Bybit, Ben Zhao, confirmed that the security violation has resulted in losses over $ 1.5 billion in cryptocurrency assets.

Despite the scale of the flight, Zhao assured users that all customers’ withdrawals would be treated, even those who were underway.

Zachxbt reveals connections between Bybit and Phemex Hack

Zachxbt’s survey revealed direct links on the chain between the Bybit incident and the recent Phemex exchange hack. The attackers also committed funds from both flights through the same initial flight addresses. This model corresponds to the known tactics of the Lazare group to link several exchange compromises.

Submission of premiums included detailed testing of test transactions carried out before the main attack, the monitoring of connected portfolios and the synchronization analyzes which indicated the North Korean group sponsored by the State. Arkham shared this forensic evidence with the Bybit team to support their current investigation.

The incident started when detected unauthorized transfers of one of their Ethereum (Ethn) Cold wallets. The exchange immediately launched an investigation, in partnership with experts in legal medicine from the blockchain to trace stolen assets.

The company launched an open appeal using teams with an expertise in blockchain analysis and the restoration of funds.

This hack represents one of the biggest cryptocurrency exchange hacks in history.

The Bybit team has received the help of other exchanges to maintain open withdrawals to users.