$1.4 Billion Bybit Hackers Now Tied to Solana Meme Coin Scams

Table of Contents

The infamous North Korean hacking syndicate, Lazarus Group, has once again emerged at the center of a massive cryptocurrency exploit.

The group, suspected of orchestrating the $1.4 billion Bybit hack on Feb. 21, may also have ties to recent Solana-based meme coin scams, including rug pulls facilitated through the Pump.fun platform, according to onchain investigator ZachXBT.

Bybit Hack Largest in History

Bybit’s devastating loss of over $1.4 billion in digital assets—including liquid-staked Ether (stETH) and Mantle Staked ETH (mETH)—sent shockwaves through the crypto community. Blockchain security firms, including Arkham Intelligence, have identified the Lazarus Group as the likely perpetrator of the exploit.

Also read: Bybit Billion-Dollar Blind Spot: $1.4B Hack Shocks Crypto World

Following the breach, the stolen funds have been tracked as they move across various wallets, with laundering efforts leading investigators to previously flagged illicit activities. ZachXBT reported that on Feb. 22, the attacker transferred $1.08 million from the Bybit hack to wallet 0x363908df2b0890e7e5c1e403935133094287d7d1, which then bridged USDC to Solana.

Further investigations revealed that the funds were dispersed across multiple Solana wallets, some of which have historical links to fraudulent meme coin projects.

“I made 920+ addresses receiving funds tied to the Bybit hack public and noticed a person laundering for Lazarus Group previously launched meme coins via Pump Fun,” ZachXBT shared in a Telegram post on Feb. 23.

This isn’t the first time Lazarus Group has been implicated in a high-profile exchange hack. The same wallets now connected to the Bybit breach were also reportedly responsible for the $29 million Phemex hack in January.

Also read: SEC Drops OpenSea Probe—A Game-Changer for NFTs?

Solana’s Rising Scam Epidemic

Solana has seen a surge in fraudulent activity, with numerous meme coin scams and rug pulls damaging investor confidence. The platform’s Pump.fun launchpad, designed for rapid meme coin creation, has been exploited by bad actors looking to execute pump-and-dump schemes.

One of the most high-profile cases was the rug pull involving the Libra (LIBRA) token, which had been endorsed by Argentine President Javier Milei. Insiders reportedly drained over $107 million from the project, triggering a catastrophic 94% price drop within hours, wiping out $4 billion in investor capital.

Market Impact and Solana’s Declining Activity

The growing number of scams on Solana appears to have affected user sentiment and on-chain activity. According to data from Glassnode, the monthly capital inflow into Solana and its MEME index dropped by -5.9%. Additionally, active user addresses on the Solana network fell sharply to a weekly average of 9.5 million in February, a nearly 40% decline from 15.6 million active addresses in November 2024.

Despite these alarming trends, analysts believe Solana’s robust technological foundation may ultimately help it weather these challenges. CryptoVizArt, a senior analyst at Glassnode, acknowledged the cooldown but emphasized that Solana remains more active than pre-bull market levels.

Also read: From Payroll to Prison: The $5.7M Bybit Fraud That Shocked Crypto

Blockchain researcher Aylo also provided a longer-term perspective, arguing in a Feb. 18 post on X that these growing pains could ultimately strengthen Solana by exposing weaknesses and forcing the ecosystem to mature.

Solana’s tech is so good it attracted a shit load of criminals.

The tech is neutral, but humans aren’t.

Employees of key protocols have likely been corrupted because that is what happens to humans when the opportunity to make vast sums of money in a short period of time…
— Aylo (@alpha_pls) February 18, 2025

Crypto Security Remains a Major Concern

The Lazarus Group’s continued involvement in high-profile crypto thefts sheds light on the persistent security risks in the digital asset sector. The use of onchain forensic tools and blockchain intelligence has become critical in tracking illicit fund flows, but the ability of sophisticated actors to execute large-scale hacks remains a serious concern.

Also read: “Let Him Pay and Move On” – Ulbricht Defends Roger Ver Amid 131,000 BTC Tax Scandal

As the industry grapples with these evolving threats, exchanges and blockchain networks will need to bolster security measures, improve monitoring capabilities, and educate users on potential risks. Meanwhile, the growing body of onchain investigative work by researchers like ZachXBT continues to shed light on the intricate web of cybercriminal activity within the crypto space.

Author

Steven Walgenbach

Steven's passion for cryptocurrency and blockchain technology began in 2014, inspiring him to immerse himself in the field. He notably secured a top 5 world ranking in robotics. While he initially pursued a computer science degree at the University of Texas at Arlington, he chose to pause his studies after two semesters to take a more hands-on approach in advancing cryptocurrency technology. During this period, he actively worked on multiple patents related to cryptocurrency and blockchain. Additionally, Steven has explored various areas of the financial sector, including banking and financial markets, developing prototypes such as fully autonomous trading bots and intuitive interfaces that streamline blockchain integration, among other innovations.

View all posts