Amidst a climate of crypto volatility, the assailant has orchestrated a whirlwind of high-volume ether transactions. For instance, during the drafting of this analysis, 91.75 ETH ($227,149.24) vanished into an unknown wallet. Bitcoin.com News initially disclosed on Feb. 23 that the perpetrator’s holdings totaled 449,395.23 ETH; current data reveals a diminished trove of 377,532.60 ETH fragmented across 54 distinct addresses.
Sum of the hackers ETH accounts as of Feb. 25, 2025, at 12:00 p.m. Eastern Time.
This implies the entity—widely attributed to North Korea’s Lazarus Group—has liquidated 71,862.63 ETH in recent days, leaving a residual vault worth $915.16 million. Approximately 35 wallets each harbor roughly 10,000 ETH, while others display fragmented balances: one contains 1,346 ETH, another 6,904.28 ETH, and a third 8,048.85 ETH. Notably, several addresses previously housing 10,000 ETH now retain negligible traces, suggesting strategic redistribution.
Additionally, Arkham Intelligence noted on Tuesday that the Bybit hacker is shifting more ETH into bitcoin again. “The Bybit Hacker has bridged at least $6.2M of the stolen ETH to BTC through Thorchain. They are also swapping ETH <> DAI using OKX Web3 Swap,” Arkham stated on X.
Lazarusbounty.com
Bybit has unveiled a dedicated web portal cataloging the assailants’ digital footprints, accompanied by a lucrative incentive for ethical white hat hackers who assist in immobilizing the pilfered assets. The platform offers a staggering $140,000,000 reward, pledging instantaneous disbursement “immediately once the funds are confirmed as frozen,” per the exchange’s public declaration.
The bounty site adds:
We require cooperation from all involved parties to either freeze the funds or provide updates on their movement so we can continue tracing. Response time is measured from the moment the specific transaction is reported to the relevant party.
In a message shared with Bitcoin.com News, Bybit told our news desk: “The launch of Lazarusbounty.com sends a clear, unyielding message: stolen funds will not be tolerated for illegal use. This platform serves as a direct challenge to cybercriminals—a warning that any attempt to exploit the blockchain for illicit purposes will be met with relentless, coordinated action. With this five-pronged offensive, Bybit not only challenges cybercriminals but also sets a new industry standard. Rather than waiting for problems to escalate, Bybit is taking the lead in securing the ecosystem and calls on every vigilant community member to support this mission.”
In addition to the latest ether moved, earlier reports had shown how the hacker moved funds into meme coin platforms like Pump.fun. According to Bybit, Pump.fun has been helpful in blocking this type of action. Bybit wrote on X:
Thanks to [Lily Liu] and the [Pump.fun] team for taking swift action to block and remove a Solana-based token whose creator may be affiliated with hacker groups, ensuring the security of the ecosystem. This is a great example of proactive security in action.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
