調查顯示，拉撒路組與Bybit Hack和Solana Memecoin騙局有關，調查顯示

2025年2月23日，鍊鍊調查員Zachxbt發表了發現，將朝鮮的拉撒路集團與2025年2月21日將朝鮮的拉撒路集團與大量14億美元的拜比特黑客聯繫起來。

North Korea’s Lazarus Group has been linked to the massive $1.4 billion Bybit hack and recent memecoin scams on Solana’s Pump.fun platform, according to an investigation.

一項調查顯示，朝鮮的拉撒路集團與索拉納（Solana）的泵送平台上的14億美元bybit Hack和最近的Memecoin騙局有關。

On February 23, on-chain investigator ZachXBT published his findings, shedding light on a complex laundering operation involving stolen funds from the Bybit hack.

2月23日，鍊鍊調查員Zachxbt發表了他的發現，闡明了一項複雜的洗錢行動，該行動涉及Bybit Hack被盜資金。

The investigation revealed that on February 22, the attacker received $1.08 million from the Bybit hack, which was then bridged as USDC to Solana at a wallet address (0x363908df2b0890e7e5c1e403935133094287d7d1).

調查顯示，2月22日，攻擊者從Bybit Hack獲得了108萬美元，然後在Wallet地址（0x363908DF2B0890E7E5C1E40393939351333094287D7D7D7D1）在bybit Hack中以USDC的形式橋接到Solana。

After being split between several wallets, several of the addresses were linked to memecoin scams. Through his analysis, ZachXBT identified over 920 cryptocurrency addresses involved in the hack, with Lazarus Group’s footprints being observed in Pump.fun memecoin launches.

在幾個錢包之間分開後，將其中一些地址與Memecoin騙局有關。通過他的分析，Zachxbt確定了該黑客涉及的920多個加密貨幣地址，Lazarus集團在Pump.Fun Memecoin發射中觀察到了足跡。

Bybit Hack Funds Laundered Through Solana Memecoin Platforms

通過Solana Memecoin平台洗錢的Bybit Hack資金

According to ZachXBT’s analysis, Lazarus Group laundered the stolen Bybit funds through multiple transactions. The $1.08 million USDC, which was bridged from Solana to Binance Smart Chain (BSC), was split across more than 30 addresses through a programmed mechanism.

根據Zachxbt的分析，Lazarus Group通過多次交易清洗了被盜的Bybit基金。從Solana到Binance Smart Chain（BSC）橋接的108萬美元美元通過程序機制分配了30多個地址。

The address (0x0beb8b5f899a15ed5e6be5c597f88b2c7d5b3a) collected the funds before returning them to Solana. Several wallets then distributed the funds, with one sending $106,000 USDC to ten Solana addresses belonging to coin scammers.

地址（0x0BeB8B5F899A15ED5E6BE5C597F88B2C7D5B3A）在將其退還給Solana之前收集了資金。然後，幾個錢包分配了資金，其中一張向屬於硬幣騙子的十個索拉納地址發送了106,000美元。

The investigator highlighted that Lazarus Group launched meme coins on Pump.fun, and 15 hours later, the activities showed that the cybercriminals used the platform to conceal the origins of their stolen funds. The exchanged funds were then moved to different exchanges, making it difficult to track and detect.

調查人員強調，拉撒路集團在pump.fun上推出了模因硬幣，15小時後，這些活動表明，網絡犯罪分子使用該平台掩蓋了被盜資金的起源。然後將交換的資金移至不同的交流，使得很難進行跟踪和檢測。

While ZachXBT’s findings were shared with several parties, including執法部门, the specific details of these parties were not disclosed to prevent interference. However, ZachXBT confirmed that the wallets were cleared from analytics tools.

雖然Zachxbt的發現與包括執法部門在內的多個當事方共享，但這些當事方的具體細節尚未披露以防止干擾。但是，ZachXBT確認這些錢包是從分析工具中清除的。

Broader Crypto Attack Patterns by Lazarus Group

拉撒路集團的更廣泛的加密攻擊模式

ZachXBT’s findings also extended beyond the Bybit hack. The same Lazarus Group wallets linked to the Bybit hack were also connected to the $29 million Phemex hack in January.

Zachxbt的發現也超出了Bybit Hack。與Bybit Hack相關的同一個Lazarus集團錢包也與一月份的2900萬美元Phemex Hack相連。

This pattern suggests a consistent strategy employed by the group, targeting cryptocurrency platforms and laundering funds across different blockchains, including Solana and BSC.

這種模式表明該小組採用了一致的策略，以跨不同區塊鏈（包括Solana和BSC）的加密貨幣平台和洗錢資金為目標。

The report also highlighted the group’s role in Solana’s recent memecoin scams, including rug pulls on Pump.fun. These scams have impacted investor trust in Solana, with high-profile cases such as the LIbra token rug pull, where insiders allegedly drained over $107 million.

該報告還強調了該集團在Solana最近的Memecoin騙局中的作用，包括Rug on pump.fun。這些騙局影響了投資者對Solana的信任，並引起了備受矚目的案例，例如天秤座的地毯拉力，據稱內部人士耗盡了超過1.07億美元的資金。

Such incidents have contributed to a decline in Solana’s user activity, with the number of active addresses dropping to 9.5 million in February 2025, compared to 15.6 million in November 2024.

此類事件導致Solana用戶活動的下降，活動地址的數量在2025年2月下降到950萬，而2024年11月的1560萬。

The investigation underscores the challenges faced by blockchain networks in combating sophisticated cyber threats. Lazarus Group’s actions showcase a growing trend of exploiting decentralized platforms for money laundering, which ultimately affects the security and stability of the broader crypto industry.

調查強調了區塊鍊網絡在打擊複雜的網絡威脅方面面臨的挑戰。拉撒路集團的行動展示了利用分散平台進行洗錢的日益增長的趨勢，最終影響了更廣泛的加密行業的安全性和穩定性。