Bybit Unveils Blacklisted Wallet API to Aid Crypto Recovery Following a Hack
Crypto exchange Bybit introduced a blacklisted wallet API to track and recover lost funds amid a significant crypto security breach attributed to the Lazarus Group. To incentivize white-hat hackers who succeed in recovering lost funds, the platform also launched a bounty program.
The History of the Hack
In the aftermath of a sequence of cyberattacks that resulted in the theft of over $1.4 billion in cryptocurrency, Bybit rolled out its blacklisted wallet application programming interface (API) on 23 February 2025. The Lazarus Group, a North Korea-backed cybercrime cartel infamous for its role in the theft of large amounts of cryptocurrencies, was blamed for the attacks.
Security experts, white hat hackers, and forensic investigators are able to track down illegal transactions and retrieve stolen assets thanks to the newly introduced API, which delivers real-time data on suspicious wallet addresses that have been identified. The step is viewed as a proactive measure to increase industry-wide cooperation and security openness in the fight against cybercrime.
Bybit’s Recuperation Bounty Program
Bybit’s action also includes a bounty program that rewards up to 10% of the recovered funds to white-hat hackers who succeed in recovering stolen funds. Bybit CEO Ben Zhou highlighted the value of cooperation in combating cyber threats, saying:
“I’m thrilled with the incredible on-chain and real-life camaraderie. This can be an inflection point for our industry if we do it correctly. Together, we can build a stronger defense mechanism against cyber threats.”
This project is among the increasing line of rewarding ethical hackers who are a significant component of the blockchain ecosystem’s tightening security.
Industry and Law Enforcement Collaboration
To enhance tracking, Bybit is collaborating with Singaporean law enforcement and other cybersecurity partners. The firm has also teamed up with the Ethereum Foundation to discuss possible ways of recovering the stolen funds.
To make sure security professionals and crypto companies are supplied with the most up-to-date threat intelligence, the blacklisted wallet API will be continually updated with fresh data on illicit addresses. This method improves the across-the-board effectiveness of security measures.
Discussion in the Community: Should Ethereum Roll Back Its Blockchain?
Debates over whether Ethereum needs to roll back its blockchain to nullify illegal transactions and restore hacked funds have been triggered by the incident. In a Twitter (X) Spaces session on February 22, Zhou was questioned by a community member whether Ethereum should act to revert the hack. Zhou responded that the decision on rollback ought to be taken by the community, rather than by individual companies.
However, this proposal was denied by Ethereum core developer Tim Beiko as technically unfeasible and disruptive for the broader ecosystem. Beiko noted that Ethereum is a decentralized system, and rolling back transactions would set a dangerous precedent for the industry.
Security Implications for the Crypto Industry
The sector-wide drive for preventative security is reflected in Bybit’s blacklisted wallet API and bounty program. Enhanced security procedures and real-time threat detection are long overdue, considering the rising incidence of cryptocurrency-based cyberattacks.
Bybit’s actions establish a new benchmark for cybersecurity security, promoting greater transparency and sector-wide collaboration in the fight against cyberthreats.
