Understanding the LazarusBounty Program: How to Join Bybit’s Initiative Against Lazarus Group

What Happened

On Feb 21, 2025, at 02:16 PM UTC, an exploiter breached one of Bybit’s Ethereum cold wallets, siphoning out $1.4 billion worth of ETH, stETH, cmETH and mETH. Hackers used a sophisticated phishing attack to change smart contract logic during a routine ETH transfer from Bybit’s cold wallet to a hot wallet.

According to the independent investigator ZachXBT the stolen funds are linked to the Lazarus Group (allegedly run by North Korea’s government), who were involved in previous high-profile exploits involving the Phemex and BingX cryptocurrency exchanges.

Enhanced Bounty Rewards Program

The entire crypto community has thus far played a major part in Bybit’s swift and effective response. From efforts by on-chain investigators, such as ZachXBT, Arkham Intelligence, Beosin, TRM Labs, Halborn and others — who helped shed light on the addresses used by Lazarus Group and the flow of funds — to support from other industry players like Tether, Bitget, MEXC, DWF Labs and countless others, the crypto industry has rallied together in a sign of unity.