调查显示，拉撒路组与Bybit Hack和Solana Memecoin骗局有关，调查显示

2025年2月23日，链链调查员Zachxbt发表了发现，将朝鲜的拉撒路集团与2025年2月21日将朝鲜的拉撒路集团与大量14亿美元的拜比特黑客联系起来。

North Korea’s Lazarus Group has been linked to the massive $1.4 billion Bybit hack and recent memecoin scams on Solana’s Pump.fun platform, according to an investigation.

一项调查显示，朝鲜的拉撒路集团与索拉纳（Solana）的泵送平台上的14亿美元bybit Hack和最近的Memecoin骗局有关。

On February 23, on-chain investigator ZachXBT published his findings, shedding light on a complex laundering operation involving stolen funds from the Bybit hack.

2月23日，链链调查员Zachxbt发表了他的发现，阐明了一项复杂的洗钱行动，该行动涉及Bybit Hack被盗资金。

The investigation revealed that on February 22, the attacker received $1.08 million from the Bybit hack, which was then bridged as USDC to Solana at a wallet address (0x363908df2b0890e7e5c1e403935133094287d7d1).

调查显示，2月22日，攻击者从Bybit Hack获得了108万美元，然后在Wallet地址（0x363908DF2B0890E7E5C1E40393939351333094287D7D7D7D1）在bybit Hack中以USDC的形式桥接到Solana。

After being split between several wallets, several of the addresses were linked to memecoin scams. Through his analysis, ZachXBT identified over 920 cryptocurrency addresses involved in the hack, with Lazarus Group’s footprints being observed in Pump.fun memecoin launches.

在几个钱包之间分开后，将其中一些地址与Memecoin骗局有关。通过他的分析，Zachxbt确定了该黑客涉及的920多个加密货币地址，Lazarus集团在Pump.Fun Memecoin发射中观察到了足迹。

Bybit Hack Funds Laundered Through Solana Memecoin Platforms

通过Solana Memecoin平台洗钱的Bybit Hack资金

According to ZachXBT’s analysis, Lazarus Group laundered the stolen Bybit funds through multiple transactions. The $1.08 million USDC, which was bridged from Solana to Binance Smart Chain (BSC), was split across more than 30 addresses through a programmed mechanism.

根据Zachxbt的分析，Lazarus Group通过多次交易清洗了被盗的Bybit基金。从Solana到Binance Smart Chain（BSC）桥接的108万美元美元通过程序机制分配了30多个地址。

The address (0x0beb8b5f899a15ed5e6be5c597f88b2c7d5b3a) collected the funds before returning them to Solana. Several wallets then distributed the funds, with one sending $106,000 USDC to ten Solana addresses belonging to coin scammers.

地址（0x0BeB8B5F899A15ED5E6BE5C597F88B2C7D5B3A）在将其退还给Solana之前收集了资金。然后，几个钱包分配了资金，其中一张向属于硬币骗子的十个索拉纳地址发送了106,000美元。

The investigator highlighted that Lazarus Group launched meme coins on Pump.fun, and 15 hours later, the activities showed that the cybercriminals used the platform to conceal the origins of their stolen funds. The exchanged funds were then moved to different exchanges, making it difficult to track and detect.

调查人员强调，拉撒路集团在pump.fun上推出了模因硬币，15小时后，这些活动表明，网络犯罪分子使用该平台掩盖了被盗资金的起源。然后将交换的资金移至不同的交流，使得很难进行跟踪和检测。

While ZachXBT’s findings were shared with several parties, including執法部门, the specific details of these parties were not disclosed to prevent interference. However, ZachXBT confirmed that the wallets were cleared from analytics tools.

虽然Zachxbt的发现与包括执法部门在内的多个当事方共享，但这些当事方的具体细节尚未披露以防止干扰。但是，ZachXBT确认这些钱包是从分析工具中清除的。

Broader Crypto Attack Patterns by Lazarus Group

拉撒路集团的更广泛的加密攻击模式

ZachXBT’s findings also extended beyond the Bybit hack. The same Lazarus Group wallets linked to the Bybit hack were also connected to the $29 million Phemex hack in January.

Zachxbt的发现也超出了Bybit Hack。与Bybit Hack相关的同一个Lazarus集团钱包也与一月份的2900万美元Phemex Hack相连。

This pattern suggests a consistent strategy employed by the group, targeting cryptocurrency platforms and laundering funds across different blockchains, including Solana and BSC.

这种模式表明该小组采用了一致的策略，以跨不同区块链（包括Solana和BSC）的加密货币平台和洗钱资金为目标。

The report also highlighted the group’s role in Solana’s recent memecoin scams, including rug pulls on Pump.fun. These scams have impacted investor trust in Solana, with high-profile cases such as the LIbra token rug pull, where insiders allegedly drained over $107 million.

该报告还强调了该集团在Solana最近的Memecoin骗局中的作用，包括Rug on pump.fun。这些骗局影响了投资者对Solana的信任，并引起了备受瞩目的案例，例如天秤座的地毯拉力，据称内部人士耗尽了超过1.07亿美元的资金。

Such incidents have contributed to a decline in Solana’s user activity, with the number of active addresses dropping to 9.5 million in February 2025, compared to 15.6 million in November 2024.

此类事件导致Solana用户活动的下降，活动地址的数量在2025年2月下降到950万，而2024年11月的1560万。

The investigation underscores the challenges faced by blockchain networks in combating sophisticated cyber threats. Lazarus Group’s actions showcase a growing trend of exploiting decentralized platforms for money laundering, which ultimately affects the security and stability of the broader crypto industry.

调查强调了区块链网络在打击复杂的网络威胁方面面临的挑战。拉撒路集团的行动展示了利用分散平台进行洗钱的日益增长的趋势，最终影响了更广泛的加密行业的安全性和稳定性。