The FBI calls for node operators and Crypto exchange platforms to block transactions related to the record housing of Bybit. The American Federal Agency confirms the involvement of the North Korean group Lazarus in this $ 1.4 billion flight and takes action to prevent funding for funds.
The FBI mobilizes the crypto industry against the North Korean pirates
On February 26, 2025, the Federal Bureau of Investigation (FBI) launched a public appeal urging node operators, exchange platforms and other players in the crypto sector to block transactions related to massive bybit.
This attack, which occurred on October 21, allowed the pirates to steal $ 1.4 billion, mainly in Ether (ETH), making this hack one of the most important in the history of cryptocurrencies.
The American agency formally attributed this cyber attack to the North Korean group Lazarus, which it designates under the code name “Traderraitor” (also known by the appellations Apt38, Bluenoroff and Stardust Chollima). This group is sadly famous for its sophisticated operations targeting the financial sector and particularly the crypto ecosystem.
FBI investigators shared a list of 51 Ethereum addresses directly linked to pirates, but the Elliptic Blockchain analysis company has already identified more than 11,000 suspicious portfolios involved in this operation.
“The actors of Traderraitor quickly proceed and converted some of the assets stolen into Bitcoin and other cryptocurrencies, dispersed on thousands of addresses through several blockchains “, Specifies the FBI in his press release.
A race against the clock to prevent funding for funds
The investigations carried out by analysts like Zachxbt and Arkham Intelligence revealed a disturbing element: the same wallets involved in the Hack of Bybit also served during the piracy of Phemex in January 2025. This direct link, established on-chain, proves that the Lazarus group consolidates the stolen funds during various attacks before starting its laundering operations.
Since the October incident, the pirates have already managed to whiten more than 135,000 Ether, or about $ 305 million in current prices. However, an additional 363,900 ETH, with an approximate value of $ 825 million, remain intact in hackers portfolios. These funds are likely to be gradually converted into Bitcoin, Stablecoins such as DAI, or in fiduciary currency.
The attack method used against Bybit was particularly ingenious: the hackers deployed a false intelligent contract which deceived the signatories and compromises a multi-signature ethereum portfolio.
To whiten the stolen funds, they use an arsenal of sophisticated techniques: decentralized exchanges, inter-chain bridges, instant exchange services without KYC and mixers like Tornado Cash which make transactions practically intraçable.
This hacking is part of an alarming trend. In 2024, North Korean hackers would have already stolen $ 1.34 billion in digital assets, an increase of 102% compared to 2023. Among their notable victims were the Ronin network ($ 600 million) and Wazirx ($ 230 million).
Faced with this unprecedented threat, the collaboration between authorities and crypto actors becomes vital. The FBI intensifies its actions in this sector, as evidenced by the search in the CEO of Polymarket last November. This growing involvement of the American authorities in the Crypto universe raises both hopes and questions.
Maximize your Cointribne experience with our 'Read to Earn' program! For each article you read, earn points and access exclusive rewards. Sign up now and start accumulating advantages.
