FBI confirms North Korean ‘TraderTraitor’ to blame for $1.5 billion Bybit hack

The FBI has released a statement confirming that the Democratic People’s Republic of Korea (North Korea) was responsible for the biggest crypto hack ever that saw $1.5 billion drained from the Bybit exchange earlier this month.

The statement, issued via the FBI’s Internet Crime Complaint Center, begins, “The Federal Bureau of Investigation (FBI) is releasing this PSA to advise the Democratic People’s Republic of Korea (North Korea) was responsible for the theft of approximately $1.5 billion USD in virtual assets from cryptocurrency exchange, Bybit, on or about February 21, 2025.

“FBI refers to this specific North Korean malicious cyber activity as “TraderTraitor.”

According to the statement, TraderTraitor actors have been rapidly converting the stolen assets to bitcoin and “other virtual assets,” via thousands of addresses and multiple blockchains.

It adds that it expects these assets to eventually be converted to fiat currency. It then goes on to list a series of Ethereum addresses that the FBI says are holding assets from the theft, and are operated by or connected to TraderTraitor actors.

Read more: LockBit ransomware gang sends ‘friendly advice’ to new FBI Director Kash Patel

Since the February 21 hack, many crypto services have been struggling to control the laundering of criminal proceeds with some claiming to have recovered funds.

In the immediate aftermath, customers rushed to withdraw over $4 billion in deposits. Nevertheless, Bybit was able to secure some loans and within days claimed to have replenished liquidity to back customer deposits on a 1:1 basis.

Got a tip? Send us an email or ProtonMail. For more informed news, follow us on X, Instagram, Bluesky, and Google News, or subscribe to our YouTube channel.