Commit
Add Bybit's $1.4 Billion ETH Hack and Lazarus Bounty cards with detailed overviews and reward structures
1 parent 5fa2d12, commit 2ab7718
Showing 2 changed files with 35 additions and 0 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
#show-card | ||
|
||
# Bybit's $1.4 Billion ETH Hack | ||
|
||
## Overview | ||
|
||
On Feb 21, 2025, the world's second-largest cryptocurrency exchange Bybit suffered a massive security breach, resulting in the theft of approximately 410,000 ETH (worth $1.4 billion at the time). The attack was believed to be orchestrated by the North Korean state-sponsored hacking group Lazarus. | ||
|
||
## What Happened | ||
|
||
From the information provided by the Bybit team, the hackers seem to have exploited the Bybit multi-signature signer system and made a mocked UI to trick the signers into signing the transactions. These mocked UIs were designed to look like the real UI with correct addresses and safe URLs. The hackers then took control of the multi-signature ETH cold wallet and transferred the funds to their own wallet. |
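Review bot: The Overview and What Happened sections of this card state the date, the amount (approximately 410,000 ETH), the attribution to Lazarus and the signer-UI account "from the information provided by the Bybit team", but the file cites no source, while the Lazarus Bounty card in the same commit ends with a References list. Add a References section here linking the Bybit statement the text relies on. In What Happened, "exploited the Bybit multi-signature signer system and made a mocked UI" leaves unclear whether the signing interface itself was altered or the signers were shown a separate look-alike; say which the source reports, or mark it as not yet known, because what a reader takes away about verifying the transaction actually being signed depends on that detail.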
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#show-card | ||
|
||
# Lazarus Bounty | ||
|
||
## Overview | ||
|
||
[Lazarus Bounty](https://www.lazarusbounty.com/) is a collaborative program launched to counter North Korean state-sponsored hacking group Lazarus (also known as APT38 or HIDDEN COBRA), which has stolen over $3 billion in cryptocurrency assets often used to fund North Korea's weapons programs. The program incentivizes the identification and reporting of Lazarus-associated wallets through substantial financial rewards, with its importance highlighted by a recent incident [[ByBit's $1.4 Billon ETH Hack]] where approximately 1.4 billion ETH was stolen from Bybit in an attack believed to be linked to the group. | ||
|
||
## Reward Structure | ||
|
||
- The total bounty is 10% of the recovered funds, distributed as follows: | ||
- 5% to the entity that successfully froze the funds | ||
- 5% to contributors who helped trace the funds | ||
- Bounties are awarded immediately once the funds are confirmed as frozen | ||
- Rewards of up to $500,000 are available for high-quality intelligence that leads to the identification of Lazarus-controlled wallets or the recovery of stolen funds | ||
|
||
## How to Participate | ||
|
||
Participants can submit intelligence through the official website at [lazarusbounty.com](https://www.lazarusbounty.com/en/). All submissions are evaluated by experts, including former law enforcement officials specialized in cryptocurrency investigations. | ||
|
||
|
||
## References | ||
- [Ben Zhou's Twitter announcement](https://x.com/benbybit/status/1894397098323579333) | ||
- [Official Lazarus Bounty website](https://www.lazarusbounty.com/en/) |
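Review bot: In the Overview paragraph, "approximately 1.4 billion ETH was stolen" conflicts with the Bybit card added in this same commit, which gives approximately 410,000 ETH worth $1.4 billion; change it to the ETH amount or to "$1.4 billion in ETH". The wikilink in the same sentence, [[ByBit's $1.4 Billon ETH Hack]], misspells "Billion" and capitalises "ByBit", so it does not match the other card's title "Bybit's $1.4 Billion ETH Hack" and may not resolve. The links to the program also differ (the Overview link omits /en/, the How to Participate and References links include it); pick one form.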