FBI Urges Crypto Industry to Block Transactions from Bybit Hackers

The Federal Bureau of Investigation (FBI) has called on cryptocurrency exchanges, node operators, and other private sector entities to block transactions linked to the $1.4 billion Bybit hack.

FBI Identifies North Korean Hackers Behind Bybit Hack

In a public service announcement issued on February 26, 2025, the agency confirmed that North Korean state-sponsored hackers, known as the Lazarus Group, were responsible for the attack.

The FBI referred to these hackers as “TraderTraitor,” a name it previously used in an April 2022 statement. The group is also known by several other aliases, including APT38, BlueNoroff, and Stardust Chollima.

MARKET HOTSPOT :

FBI released a public service announcement saying North Korea is responsible for the $1.5 billion Bybit hack.

The FBI called on private sector entities including RPC node operators, exchanges, and DeFi services to block transactions with addresses…

— Crypto_APE (@0xCrypto_Ape) February 27, 2025

“TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,” the FBI said in its recent announcement.

The Bybit hack has resulted in significant financial losses, with hackers already laundering over 135,000 Ether (ETH) since the incident on February 21, 2025.

Crypto analyst EmberCN noted that most of the stolen funds were liquid-staked Ether tokens, which the attackers converted into other cryptocurrencies.

Another 363,900 ETH remains untouched, worth around $825 million at current prices.

Bybit 黑客在过去 24 小时洗走了 4.59 万枚 ETH ($1.13 亿)。目前他们一共已经洗走了 13.5 万枚 ETH ($3.35 亿)，接近三分之一了。

现在 Bybit 黑客地址里还有 36.39 万枚 ETH ($9 亿)。以目前的频率只需要再有 8~10 天就洗完了。

本文由 #Bitget｜@Bitget_zh 赞助 https://t.co/nNwpWP0uEE pic.twitter.com/tpIi3LD7FU

— 余烬 (@EmberCN) February 26, 2025

According to Chainanalysis, portions of the stolen Ether have been converted into Bitcoin (BTC), the Dai (DAI) stablecoin, and other digital assets through decentralized exchanges, cross-chain bridges, and instant swap services that do not require Know Your Customer (KYC) verification.

Broader Security Concerns in the Crypto Space

The FBI has urged Remote Procedure Call (RPC) node operators, crypto exchanges, blockchain analytics firms, decentralized finance (DeFi) service providers, and cross-chain bridge operators to block any transactions linked to the Bybit hack.

The agency also released 51 Ethereum addresses associated with TraderTraitor and warned industry players to avoid interacting with them.

Meanwhile, blockchain analytics firm Elliptic has identified 11,084 additional crypto wallet addresses suspected to be linked to the Bybit hack.

The Bybit hack is one of the largest cryptocurrency thefts in history, significantly impacting the market. Since the attack, Bitcoin’s price has fallen below $90,000, marking its lowest level since November 2024.

Bybit’s CEO, Ben Zhou, has announced measures to recover the stolen funds, including offering rewards for information and hiring top cybersecurity professionals to strengthen the exchange’s security systems.

Bybit declares WAR on Lazarus hackers! ⚔️💸
After a $1.4B heist, CEO Ben Zhou launched a bounty site—up to $140M to freeze or recover funds. No negotiations, just fight. Will this change crypto security?
Get the full scoop—tune in now! 🕵️‍♂️ pic.twitter.com/swXVNrG22L

— nikodemus.crypto🎙️🔊 (@CryptoCorvus1) February 26, 2025

The FBI warns that it is only a matter of time before the stolen assets are further laundered and eventually converted into fiat currency. The agency has asked anyone with relevant information to report it to the FBI’s Internet Crime Complaint Center.

This incident highlights the growing threat of state-sponsored cyberattacks on the crypto industry and the urgent need for stronger security measures and regulatory oversight.