Unmasking The Man Behind The Bybit’s $1.5 Billion Heist

Earlier this month, Bybit was hit by a hacker, and funds amounting to $1.5 billion were stolen. This was one of the biggest and most blatant heists of the crypto community in recent times. Hackers managed to infiltrate the Dubai-based company’s ETH cold wallet and stole $1.5 billion in digital assets. The heist has captured the attention of analysts far and wide.  

The heist soon put everyone on overdrive. The community came together to minimize the damage caused by the heist. Arkham Intelligence even set a bounty to capture the cyber brigands. As a result, an independent on-chain investigator named ZachXBT went to work and pinpointed the hacker’s IP. In fact, Zach was the first person to notice abnormal activity in Bybit’s network.  

Later, the CEO of Bybit, Ben Zhou, came forward with the news of the attack. The attacker(s) was believed to have manipulated the transaction in a way that deceived the wallet’s signers. This allowed the hacker(s) to redirect the fund to an unauthorized address. This was a sophisticated job and involved a deep understanding of the systems. 

Lazarus Strikes Again 

In the aftermath of this massive heist, investigators found that North Korea’s Lazarus Group was behind this. This is a notorious group that has been linked to several infamous crypto heists, including the $600 million Ronin Network breach in 2022 and the $234 million attack on WazirX in 2024. New reports suggest that Park Jin Hyok is the mastermind who orchestrated this attack. 

The Bybit hack has been exposed, and emerging reports suggest that Park Jin Hyok might be responsible. If true, this would place him among the most formidable hackers encountered to date, given his alleged track record. This incident is being described as one of the largest… pic.twitter.com/BqnB8kCPw2

— Nana Sei Anyemedu (@RedHatPentester) February 22, 2025

Hyok is not a new name in the world of cyber attacks. In fact, back in 2018, the FBI issued a warrant against Hyok.

Park Jin Hyok is #wanted by @FBILosAngeles on charges related to his alleged role as a North Korean computer programmer who is part of a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history. https://t.co/m6Blto337L pic.twitter.com/DWEfad9cbV

— FBI (@FBI) September 8, 2018

FBI accused Hyok of being one of the many state-sponsored hackers raised by North Korea. In a famous X-post, the FBI shared a picture of the hacker along with the following caption, “Park Jin Hyok is #wanted by @FBILosAngeles on charges related to his alleged role as a North Korean computer programmer who is part of a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history.” 

Making Of A Legend 

Hyok might be a thief, but he is a legend. For a person to orchestrate and execute such sophisticated attacks repeatedly is not a matter of joke. Hyok is one of the state-trained computer hackers accused of some of the most remarkable cyber theft and intrusion in the world.  

Sources suggest that Hyok graduated from the Kim Chaek University of Technology and began his career as a computer expert at Chosun Expo, a known breeding ground for state-sponsored cybercriminals. However, Hyok is not just for money. Back in 2014, Hyok hacked into Sony Pictures’ internal network and crippled it in retaliation for the satirical film The Interview, where a comedic representation of North Korea was shown.  

It has been nearly a decade since Hyok attacked renowned and established technological companies. Hence, this shows that Hyok is winning, and he certainly knows that.