FBI Calls for Action Against North Korean Hackers

The FBI has called on DeFi players to blacklist addresses linked to North Korean hackers involved in laundering $1.5 billion in stolen Bybit funds.

The agency referenced the threat actor ‘TraderTraitor’ and urged collaboration among private sector participants like exchanges, DeFi services, and blockchain analytics firms to hinder transactions related to compromised addresses.

Bybit: Wallet Compromise

The FBI’s announcement followed Bybit’s preliminary investigation, which revealed that the hack stemmed from a compromise on the Gnosis Safe wallet system. The Gnosis Safe team confirmed that the Lazarus group breached one of its developers’ machines.

> “Safe smart contracts unaffected. An attack was conducted by compromising a developer machine, affecting a Bybit-operated account.”

Binance founder CZ criticized the Gnosis Safe statement as vague, questioning the handling of such a large breach.

> “Was $1.4 billion the largest address managed using Safe? Why didn’t they target others?”

In response, Martin Koeppelmann, Gnosis Safe founder, stated they were monitoring all transactions after the hack occurred.

Bybit lost 401K ETH in the incident but managed to stabilize its ETH reserves quickly. The market reaction saw ETH rise to $2.8K after the hack but dropped to $2.2K amid inflation concerns following President Trump’s tariff proposals.