ByBit Launches Crowdsourced Bounty Hunt Following Massive Cryptocurrency Theft

By Joe Tidy & Tom Singleton | Cyber Correspondent & Technology Reporter

In a groundbreaking move following what is believed to be the largest cryptocurrency theft in history, ByBit, a leading cryptocurrency trading platform, is turning to the public for assistance in recovering its substantial losses. The company has launched an innovative crowdsourcing initiative that offers cash rewards to individuals who can identify and help prevent criminals from cashing out the stolen funds.

The Theft: A Multi-Billion Dollar Heist

Last week, hackers linked to North Korea’s infamous Lazarus Group executed a sophisticated attack on ByBit, stealing an astounding $1.46 billion (£1.1 billion) worth of cryptocurrency. This massive breach not only highlights the vulnerabilities within the cryptocurrency realm but also raises concerns about the security of digital assets in general.

The Lazarus Group is notorious for its cyber crimes and is believed to utilize complex online money laundering schemes to convert stolen cryptocurrencies into untraceable assets. As investigators work to follow the money trail, ByBit is offering incentives to the public as part of its efforts to reclaim the stolen assets.

ByBit’s Bounty Scheme: Join the Fight

"Join us in the war against Lazarus," proclaimed ByBit CEO Ben Zhou in a recent online post, which included a link to the newly established bounty website. This platform aims to engage individuals in the monitoring of cryptocurrency transactions, particularly those that appear to be part of the laundering process.

The bounty scheme operates on a simple premise: any individual or organization that successfully identifies a portion of the stolen funds will receive a 5% reward for their efforts, which will be allocated for assisting in freezing the assets. The same percentage will be awarded to the companies that take action to safeguard the identified funds. A live leaderboard on the website showcases the contributions of various participants, already highlighting millions of dollars allocated to reward successful cryptocurrency investigators.

Zhou affirmed the company’s commitment to the initiative, stating, "We have assigned a team to dedicate to maintain and update this website; we will not stop until Lazarus or other bad actors in the industry is eliminated."

The Response from Experts

The bounty scheme has garnered attention from experts in cryptocurrency investigations. Tom Robinson from crypto investigation firm Elliptic remarked, "This is a really positive innovation," emphasizing the potential for talented blockchain investigators to track down the stolen funds and contribute to recovery efforts.

However, not all responses to the situation have been optimistic. Louise Abbott, a crypto fraud expert from Keystone Law, cautioned that the scale of the theft could harm the perception of trust in an already volatile industry. "If such a hack can occur on the world’s second largest exchange, it can certainly happen again," she noted.

A Lack of Regulation and Cooperation

The decentralized nature of cryptocurrency transactions poses unique challenges, as there are no central banks or regulators involved in overseeing these activities. As a result, victims of cyber crimes often lack a clear avenue for recourse. ByBit finds itself dependent on the goodwill of other cryptocurrency platforms, some of which have been slow or unwilling to cooperate.

The company’s website is actively tracking exchanges that have not responded to requests for help. Notably, eXch, a platform known for allowing anonymous transactions, has reportedly refused to assist ByBit. Research from Elliptic suggests that eXch has previously been used to launder substantial amounts of stolen assets, including $75 million traced back to the ByBit hack.

Future Developments

ByBit plans to extend its bounty website to other victims of the Lazarus Group, indicating a collaborative approach to tackle the ongoing threat posed by cyber criminals. The site’s branding, featuring a striking logo depicting a knife through an illustration of North Korean leader Kim Jong Un’s hair, underscores the seriousness of the situation and the urgency for action.

This incident coincides with a broader pattern of cyber crimes attributed to North Korea, with estimates suggesting that the Lazarus Group has been responsible for approximately $6 billion in cryptocurrency thefts in recent years. Analysts assert that the stolen funds are often utilized to circumvent international sanctions and fund the nation’s military endeavors.

As the recovery efforts unfold, the cryptocurrency community will be watching closely to see how effective crowdsourcing strategies will be in reclaiming stolen assets and restoring faith in digital currencies.