FBI identifies North Korea as responsible for $1.5 billion Bybit crypto heist, labels activity “TraderTraitor”

The Federal Bureau of Investigation (FBI) announced Wednesday they have found North Korea as the entity they believe was responsible for the $1.5 billion Bybit crypto theft. The agency has labeled this cyber activity “TraderTraitor.”

The attack, which occurred on Feb. 21, has gone down as the largest publicly disclosed crypto hack on record. Lazarus Group, North Korea’s notorious hacking organization, has been identified as the actors who executed the massive cyber intrusion against Bybit.

According to the federal authorities, TraderTraitor actors have already begun converting the stolen assets to Bitcoin and other digital assets, dispersing them across thousands of addresses on multiple blockchains. The agency expects these assets will undergo further laundering before being converted to fiat currency.

The FBI is urging private sector entities, including RPC node operators, exchanges, bridges, blockchain analytics firms, DeFi services, and other virtual asset service providers to block transactions with addresses linked to TraderTraitor actors.

The agency has released a list of 48 Ethereum addresses that are either holding or have held assets from the theft, identifying them as operated by or closely connected to North Korean TraderTraitor actors.