Person
Lazarus Group
North Korean state-sponsored cybercrime group. Identified by US Treasury as the perpetrators of the Ronin bridge hack and several other major crypto exploits.
Records featuring Lazarus Group
Bybit Cold-Wallet Hack — February 2025
During a routine multi-sig transfer from an Ethereum cold wallet, malicious code injected into the signing UI tricked three Bybit executives into approving the transfer of approximately 401,000 ETH to a Lazarus-controlled address — at $1.46 billion, the largest cryptocurrency theft on record.
$1.46B affectedWazirX Multi-Sig Hack — July 2024
India's largest cryptocurrency exchange lost approximately $235M from a multi-sig wallet compromise attributed to North Korea's Lazarus Group. Singapore restructuring proceedings remain open.
$235.0M affectedDMM Bitcoin Hack — May 2024
The Japanese exchange lost approximately $305M of BTC to a private-key compromise attributed by the FBI to North Korea's TraderTraitor (Lazarus). DMM covered customer balances and wound down operations in 2025.
$305.0M affectedStake.com Hot-Wallet Hack — September 2023
The Australian-licensed crypto-betting platform lost ~$41M to a hot-wallet compromise attributed by the FBI to North Korea's Lazarus Group. Customer balances were unaffected.
$41.0M affectedAtomic Wallet Hack — June 2023
Approximately 5,500 users of the Estonian non-custodial Atomic Wallet lost a combined ~$100M in June 2023, in an attack attributed by Elliptic and US law enforcement to North Korea's Lazarus Group.
$100.0M affectedRonin Bridge Hack — March 2022
A North Korean state actor compromised 5 of 9 validator nodes on the Ronin sidechain, draining $625 million in ETH and USDC.
$625.0M affected