Skip to content
Active Currencies: 17,387
Market Cap: $2.346T
Bitcoin Dominance: 55.81%
24h Market Cap Change: $-2.92

FBI links North Korea to crypto hack on Bybit, urges users to ‘block transactions’

FBI has called for collaborations to block North Korea threat actors from laundering Bybit heist.

Written by Written by Benjamin Njiri
Reviewed by Reviewed by Saman Waris
Updated February 27, 2025
FBI links North Korea to crypto hack on Bybit, urges users to 'block transactions'
  • FBI has called on DeFi players to blacklist addresses used by North Korean hackers to launder Bybit stolen funds. 
  • Binance’s CZ questioned Gnosis Safe’s transparency in the hack. 

The FBI has linked the recent $1.5B Bybit stolen funds to a North Korea crypto hack and called on private players to blacklist wallet addresses used by threat actors. 

The agency referenced the threat actor ‘TraderTraitor’, and urged everyone to help fight the entity.  

“FBI encourages private sector entities including RPC node operators, exchanges, bridges, blockchain analytics firms, DeFi services, and other virtual asset service providers to block transactions with or derived from addresses TraderTraitor actors are using to launder the stolen assets.”

Bybit: Safe wallet was compromised

Interestingly, the update was issued immediately after Bybit’s preliminary report linked the incident to a compromise on the Safe wallet system.  

North Korea crypto hack
Source: Bybit

The Gnosis Safe team also acknowledged that the Lazarus group compromised on one of its developers’ machines. 

“Safe smart contracts unaffected, an attack was conducted by compromising a Safe {Wallet} developer machine which affected an account operated by Bybit.”

However, Binance founder CZ castigated Safe’s statement for being vague and not helpful for other players. He questioned

“So, was $1.4 billion the largest address managed using Safe? How come they didn’t target others?”

In response, Martin Koeppelmann, founder of Gnosis Safe, stated

“We have been looking into that – it was certainly one of the largest Safes…So far, we put a specific focus on monitoring all transactions done by Safe after the hack before the interface was taken down.” 

Bybit lost 401K ETH during the hack, which didn’t immediately impact the market, perhaps due to the swift and transparent response from the exchange. 

By early this week, its ETH reserves were back to normal, and it repaid all its loans secured from other exchanges to meet withdrawal demands over the weekend. 

In fact, ETH soared to $2.8K after the hack and only tanked to $2.2K amid inflation fears after President Trump’s tariffs plans. 

North Korea crypto hack
Source: ETH/USDT, TradingView
Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Benjamin Njiri

Journalist

Benjamin Njiri is a Crypto Analyst and Reporter at AMBCrypto, specializing in technical analysis and emerging market trends. With a background in Telecoms engineering and power systems, he applies data analysis to filter market noise and decode on-chain data. His work delivers clear, data-driven insights that help readers navigate crypto markets with confidence.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.