On Monday morning, the crypto world woke up to the news of yet another exploit by “Lazarus Group”, the infamous cybercrime syndicate that is slowly turning into a bogeyman for the web3 space.
OKX, a major cryptocurrency exchange, had to suspend its DEX aggregator after its platform was subjected to “planned media attacks” by Lazarus Group. This follows the recent hack of $1.5 Billion worth of Ethereum tokens from the Bybit exchange, carried out in a brazen manner, yet again by the Lazarus Group.
The group gained infamy in 2024 as well by allegedly draining $234.9 million from WazirX, an Indian cryptocurrency exchange, which has now resulted in an indefinite suspension of the platform.
The internet has many theories about the Lazarus Group: some say it's a sophisticated group of hackers managed by the North Korean government, some point towards a conglomerate of highly advanced hacking organizations, while some say it was Batman!
The trajectory of Lazarus Group’s exploits in the web3 space has gone from total obscurity to overnight infamy, with all manner of hacks being attributed to them of late.
But what exactly is the Lazarus Group? Have its members ever been identified? What is their modus operandi? And are they serving as the bogeyman for the web3 space, a perfect cover for other hacking groups to take advantage of the situation and carry out exploits?
Recent Bybit Hack by Lazarus Group and Market Crash
Marked as the black day of the crypto industry, 21st February 2025 saw Bybit, the world’s second largest cryptocurrency exchange, suffer the biggest ever hack, involving ~$1.5 Billion worth of digital assets. Reportedly, this led to a domino effect, resulting in the crypto-verse taking a nosedive of over 20% within days.
Since the hack, the crypto space has wiped out over $570 billion in valuation, from $3.29 Trillion to $2.72 Trillion. Moreover, top tokens such as Bitcoin, Ethereum, Solana, and XRP plunged below their crucial levels and continue trading under a strong bearish influence, raising alarms about the future prospects of the crypto market.
The Lazarus Group currently holds $1.158 Billion, as per the latest reports from Arkham, a cryptocurrency exchange platform and a public data house presenting blockchain, wallet, and crypto-related activity.
OKX ducks possible hack by Lazarus Group
As per the latest reports, OKX, one of the major centralized cryptocurrency exchanges, has temporarily paused its DEX aggregator in order to protect itself from a possible theft by the Lazarus Group, as the cryptocurrency market is highly volatile at this point in time.
Moreover, in a clarification statement, OKX has confirmed regular services for existing wallet addresses. However, creation of new wallets has been put on hold until the issue is fully resolved.
Is Lazarus Group Really Behind The Hacks?
Over the past decade, the Lazarus Group has been the mastermind of some of the major cryptocurrency hacks. Notably, since 2021, this organization has stolen over $5 Billion from the blockchain and Web3 ecosystem, leading to a major disruption. Of this, the latest 8 successful hacks accounted for a total loss of $2.773 Billion.
Some of the biggest heists are as follows:
- WazirX Hack: Labelled as the largest hack of 2024, the WazirX heist saw a total of $235 million stolen. Reportedly, a security lapse was speculated to be the prime reason for the crime.
- Ronin Bridge Hack: Dating back to March 2022, this hack accounted for a theft of $625 million. Considered one of the biggest DeFi [Decentralized Finance] frauds, it led the FBI to confirm the involvement of the Lazarus organization and North Korea, for funding its military programs.
- Poly Network Hack: Carried out during the peak bull market of the third cycle, this theft resulted in a loss of $600 million in August 2021. Although there has been no concrete fact-check, it was speculated to have been executed by the Lazarus Group, considering the complexity of the hack.
- Nomad Hack: Executed right after the Ronin bridge incident, the Nomad case involved a $190 million heist in August 2022. Over time, part of the funds was recovered; however, a large part of the stolen funds still lingers in the dark market.
Adding to the story, some of the top marketers speculate about a possible bogeyman angle, arguing that such complex hacks are not possible for a single organization. Furthermore, they draw a comparison with ISIS, which was held responsible for most of the attacks during the peak terrorism period in the 2010s.
However, it is still a theory, as no organization has claimed responsibility for such events.
EndNote
Considering the recent hack and exploitation events, investors are furious as well as concerned about the future road map of the crypto adoption process. While the Donald Trump-led pro-crypto administration is planning to form a Bitcoin reserve bill and officially recognize Bitcoin as a mode of payment, the fear of rising hacks and exploitation could act as a major barrier to global adoption.