Ben Zhou, CEO of Bybit, the victim of what could be the largest single-day exploit of all time, is extending its bounty program as it looks to recover funds from North Korean state-sponsored hackers Lazarus Group.
An early version of the site — at lazarusbounty.com — has an option for anyone to connect their wallets to become a “bounty hunter” along with a “live ranking of good and bad actor(s) and their response time to deal with the sanctioned Lazarus group transactions,” Zhou wrote on X on Tuesday.
“You don't want to end up on the bad actor list, it's a record of you helping to facilitate sanctioned transactions,” he added. “We will not stop until Lazarus or bad actors in the industry is eliminated.”
The exchange is offering a 5% bounty on any funds frozen by exchanges, mixers and other actors, with payments coming “upfront upon instantly at freezing.”
Bybit, which lost over $1.5 billion worth of Ethereum-based tokens in a highly-targeted malware attack, has received praise from in and outside of the crypto community for its transparent response and attempts to make users whole.
Zhou quickly disclosed the attack — sharing a high-level view of what the exchange understood shortly after it occurred on Friday. The exchange also released a detailed post-mortem, secured a bridge loan to secure customer assets and facilitate withdrawals and launched a generous 10% bounty program that same day. On Monday, Bybit announced it had closed the shortfall in its ETH holdings and said the pace of withdrawals had returned to normal.
The exchange also intends to open up its Lazarus Bounty program “to other victims” in the near future and update it with new features, Zhou said.
“This is brilliant. Bybit offering a transparent bounty to all exchanges and bounty hunters who can help them intercept Lazarus Group funds, as well as shaming the ones who don't cooperate,” Dragonfly Capital co-founder Haseeb Qureshi wrote on X. “This is the most crypto native way to do it. Love it.”
Analytics firm Elliptic has said Lazarus appears to have moved on to the “second stage of laundering,” which involves “layering” the stolen funds and moving the tens of millions of dollars worth of assets to new blockchains like Bitcoin and anonymizing services like eXch. eXch has denied that Lazarus is laundering funds through the non-KYC platform.
As of Saturday, roughly $43 million in stolen funds from the Bybit hack have already been recovered with help from the Mantle, SEAL 911 and mETH teams. An additional $181,000 in USDT has also been recovered.
While it’s difficult to determine exactly how many crypto heists Lazarus is behind, it is estimated to have successfully laundered at least $200 million between 2020 and 2023, according to blockchain sleuth ZachXBT in 2024.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
