YEREVAN (CoinChapter.com) — A blockchain investigator named ZachXBT confirmed that North Korea’s Lazarus Group carried out the Bybit hack. His on-chain analysis disproved earlier false accusations. According to Arkham Intelligence, the hackers used the same wallets linked to last month’s Phemex breach.
Arkham offered a bounty for strong evidence, and ZachXBT provided it. He submitted proof involving test transactions, wallet connections, and timing analysis. Arkham confirmed this, adding,
“At 19:09 UTC, ZachXBT submitted definitive proof that this attack on Bybit was performed by the Lazarus Group.”
Bybit Loses $1.5 Billion in Hack
The Bybit hack is among the largest in crypto history, totaling $1.5 billion. Hackers used methods similar to past Lazarus attacks. The CEO of Bybit assured users they would be reimbursed from reserves. However, the specific plan has not yet been announced.
Following the attack, some users wrongly accused supporters of Pi Network. These claims arose because Bybit’s CEO previously criticized the project. The evidence presented by ZachXBT cleared Pi Network’s supporters from suspicion.
Connection to January’s Phemex Hack
The recent attack is directly connected to the earlier Phemex hack from January. At first, the earlier breach was not clearly identified as Lazarus’ work. ZachXBT’s recent investigation changed that. He linked the wallets from the Bybit hack directly to those used in the Phemex breach.
ZachXBT is experienced in tracking Lazarus Group’s activities. Last year alone, Lazarus stole almost $1 billion in cryptocurrency. ZachXBT’s findings now offer clearer information about how Lazarus operates.
Recovery of Stolen Funds Unlikely
Recovering funds stolen by the Lazarus Group is very difficult. This is due to Lazarus being supported by North Korea’s state-backed cyber units. The stolen $1.5 billion from Bybit is unlikely to be retrieved.
ZachXBT received a bounty of $30,000 worth of Arkham tokens for his discovery. The clarity provided by his findings helps prevent further false accusations. Yet, Bybit users still face uncertainty about when and how reimbursements will happen.
Bybit Restores Withdrawals After $1.5 Billion Hack, CEO Confirms
Bybit CEO Ben Zhou announced that the exchange has processed all withdrawals and its system has returned to a “normal pace” following the $1.5 billion hack. In a Feb. 22 X post, Zhou assured users that withdrawals are now functioning without limits or delays. He also apologized for the incident and stated that a full incident report and security assessment will be released soon.
The update comes after Zhou’s Feb. 21 livestream, where he warned that withdrawals could take hours due to network congestion caused by the attack. At that time, the exchange had 4,000 pending transactions.
Other crypto exchanges, including Bitget and Crypto.com, have expressed support for Bybit. Bitget transferred 4,000 ETH ($105 million) to assist the exchange and blacklisted hacker wallets to block illicit transactions. Bitget CEO Gracy Chen confirmed that security teams are monitoring the situation and will share updates.
