The cryptocurrency world is reeling from new revelations surrounding the massive $1.4 billion Bybit hack, as emerging reports link the notorious Lazarus Group to additional fraudulent activities involving Solana-based memecoin scams. Meanwhile, Ethereum developers debate the feasibility of rolling back the network to recover lost funds, and Bybit takes steps to incentivize fund recovery through a substantial bounty program.
Lazarus Group Possibly Behind Solana Memecoin Scams
According to blockchain investigator ZachXBT, the North Korea-backed Lazarus Group, already identified as the primary suspect in the record-breaking Bybit hack, may also be involved in a series of rug pulls on Solana’s Pump.fun platform. On-chain analysis suggests that some of the stolen Bybit funds were funneled into wallets linked to fraudulent memecoin launches.
ZachXBT highlighted key blockchain movements in a Feb. 23 Telegram post, revealing that $1.08 million from the Bybit exploit was sent to an Ethereum address (0x363908df2b0890e7e5c1e403935133094287d7d1) before being bridged to Solana in USDC. The funds were subsequently distributed across multiple wallets, some of which had prior ties to memecoin scams.
“I made 920+ addresses receiving funds tied to the Bybit hack public and noticed a person laundering for Lazarus Group previously launched meme coins via Pump Fun,” ZachXBT explained.
This latest revelation deepens concerns over the hacking group’s expanding cybercriminal activities, further damaging investor confidence in decentralized finance (DeFi) security.
Ethereum Rollback Proposal Deemed “Technically Intractable”
As the industry grapples with the fallout of the Bybit hack, calls for an Ethereum rollback have grown, with some advocating for the network to be restored to its pre-Feb. 21 state to nullify the transactions linked to the attack. However, Ethereum core developer Tim Beiko has strongly cautioned against such a move, calling it technically unfeasible.
“It’s worth breaking down why this reasonably sounding proposal is technically intractable for less knowledgeable observers,” Beiko wrote in a Feb. 22 post on X (formerly Twitter).
The exploit stemmed from a deceptive transfer in Bybit’s multisig wallet system, where a compromised smart contract allowed the attacker to siphon funds while appearing to conduct a legitimate transaction. Beiko emphasized that reversing such an incident would pose immense technical challenges and could set a dangerous precedent for Ethereum’s decentralization and immutability.
Bybit Announces $140 Million Bounty Program
In a proactive attempt to recover the stolen funds, Bybit has introduced a bounty program offering up to 10% of the lost assets—approximately $140 million—to ethical hackers or individuals who successfully aid in the return of the stolen crypto.
Bybit CEO Ben Zhou stated that the exchange is working closely with law enforcement agencies and blockchain security experts to track the movement of the hacked funds. He also revealed that discussions are underway with Ethereum co-founder Vitalik Buterin to explore further solutions.
“Our priority remains the security of our users, and we will exhaust all possible measures to recover the funds,” Zhou affirmed.
The Bybit hack remains one of the most significant security breaches in crypto history, with far-reaching implications for the industry. The alleged involvement of Lazarus Group in additional scams underscores the ongoing cybersecurity threats facing DeFi and centralized exchanges alike. As Bybit pursues recovery efforts and Ethereum developers weigh their options, the crypto community remains on high alert, bracing for potential developments in one of the most alarming cybercrime cases to date.
