![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
Cryptocurrency News Articles
The $1.5B Bybit Hack Turned North Korean Lazarus Group Into One of the Top 15 Ethereum Holders
Mar 11, 2025 at 10:30 pm
The recent $1.5 billion Bybit hack turned North Korean Lazarus Group into one of the top 15 Ethereum holders in the world.
The recent $1.5 billion Bybit hack, which turned North Korean Lazarus Group into one of the top 15 Ethereum holders in the world, has sent shockwaves through the crypto space.
In a conversation with BeInCrypto, representatives from Holonym, Cartesi, and Komodo Platform discussed the implications of this breach, steps to curb similar situations in the future, and how public trust in Ethereum can be restored.
A Different Kind of Breach
The Bybit hack shook the crypto community not just because of the quantity of funds stolen but also because of the nature of the breach.
While other crypto exchange breaches, like the 2014 Mt. Gox episode or the 2018 Coincheck hack, involved private keys or direct compromises of exchange wallets, Bybit’s situation was different.
Rather than stealing private keys, the hackers manipulated the transaction signing process, indicating that it was an infrastructure-level attack. The transaction signing process was targeted instead of the asset storage itself.
This detail exposed a serious security flaw. Third-party integrations become weak points even if an exchange locks down its systems.
Lazarus Group Among Ethereum’s Top Holders
Following the monumental hack, North Korea is among the top 15 largest Ethereum holders.
According to on-chain data, Gemini, which previously held the 15th position, holds 369,498 ETH in its Ethereum wallet. Since Bybit hackers stole over 401,000 ETH, they now overtook Gemini in ownership.
The fact that an infamous group like Lazarus, responsible for several high-profile hacks in the crypto sector, now holds such an important amount of Ether raises several trust issues. While initial speculation pointed toward a weakness in Ethereum’s decentralized nature, Nanak Nihal Khalsa, Co-Founder of Holonym, discards this claim.
Given that Ethereum’s governance and consensus mechanisms rely on validators rather than token holders, the Lazarus Group holding such a substantial amount of ETH does not compromise the network’s overall decentralization.
“Lazarus still owns less than 1% of ETH in circulation, so I don’t see it as highly relevant beyond simple optics. While it’s a lot of ETH, they still own less than 1%. I’m not worried at all,” Khalsa told BeInCrypto.
Kadan Stadelmann, Chief Technology Officer at Komodo Platform, agreed, emphasizing that Ethereum’s infrastructure design is the source of its weakness.
“It proves a vulnerability in Ethereum’s architecture: illicit actors could expand their holdings further by targeting exchanges or DeFi protocols, and thus wield an influence over market dynamics and possibly change governance decisions in Ethereum’s off-chain processes by voting on improvement proposals. While Ethereum’s technical decentralization has not been compromised, Lazarus Group has eroded trust in Ethereum,” Stadelmann told BeInCrypto.
However, while token holders cannot influence Ethereum’s consensus mechanisms, they can manipulate markets.
Potential Impacts and Market Manipulations
Though the Bybit hackers have already finished laundering the stolen ETH, Stadelmann outlined a series of possible scenarios that the Lazarus Group could have carried out with the massive wealth they originally accumulated. One option is staking.
“Ethereum’s Proof-of-Stake security relies on honest validators and resilience of wallets, exchanges, and dApps. While the Lazarus Group’s haul doesn’t threaten the blockchain’s consensus mechanism, since their holdings are not known to be staked, it certainly raises the spectre that this could be achieved. They’re unlikely to do this, as the funds they’ve stolen have been tracked,” he explained.
Along equally unlikely lines, the Bybit hackers could cause a significant market downturn by selling their holdings altogether.
“Their holdings do give them an opportunity to manipulate markets, such as if they dump their holdings. This would be difficult to do since their ETH are flagged. If they try to exchange the ETH via selling, their assets could be frozen,” Stadelmann added.
What Stadelmann is most worried about looking toward the future is the impact hacks can have on Ethereum’s Layer 2 protocols.
“Lazarus and its partners could attempt to attack Layer 2 protocols like Arbitrum and Optimism. A censorship attack on layer 2 could undermine dApps and cause the ecosystem to move towards centralized transaction sequencers. That would underscore Ethereum’s weakness,” he said.
While Ethereum’s network was not compromised, Safe Wallet’s attacks underscored the vulnerabilities in the security of the greater ecosystem.
“The breach has certainly increased tensions in the ecosystem, and created an uneven token distribution. The question remains: will Lazarus or other hacking groups associated with state actors attempt to exploit the Ethereum ecosystem, particularly at layer 2?” Stadelmann concluded.
It also raised questions about the need for better security standards.
Verification Over Trust
Khalsa argued that the Bybit hack, while not a
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.