The infamous Lazarus Group, suspected of orchestrating the massive $1.4 billion Bybit hack, may also be linked to fraudulent Solana memecoin projects, including rug pulls on Pump.fun, according to blockchain investigator ZachXBT.
On February 21, Bybit suffered the largest crypto heist in history, losing over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and other assets. Cybersecurity firms, including Arkham Intelligence, have pointed to North Korea’s Lazarus Group as the likely perpetrators.
Now, ZachXBT suggests that the same entity laundering stolen Bybit funds may be behind recent Solana memecoin launches.
“On Feb. 22, the attacker transferred $1.08M from the Bybit hack to address 0x363908df2b0890e7e5c1e403935133094287d7d1, which then bridged USDC to Solana,” ZachXBT stated in a Feb. 23 Telegram post.
The funds were subsequently consolidated across multiple Solana wallets, some of which had prior ties to memecoin scams, according to the investigator.
“I have publicly identified over 920 addresses receiving Bybit hack funds and found that an individual laundering for Lazarus Group previously launched meme coins via Pump Fun,” he added.
Further onchain analysis also links the same Lazarus-affiliated wallets involved in the Bybit hack to the $29 million exploit of Phemex in January.
Memecoin Scams and Rug Pulls Weigh on Solana
Lazarus Group’s alleged involvement with Solana’s Pump.fun platform comes amid an ongoing surge in memecoin-related scams on the network.
Investor confidence in Solana took a hit after the dramatic collapse of the Libra (LIBRA) token, which had been endorsed by Argentine President Javier Milei. The project’s insiders reportedly drained over $107 million in liquidity in a rug pull, causing a 94% price drop within hours and wiping out $4 billion in market value.
Data from Glassnode indicates that Solana’s monthly capital inflow turned negative by -5.9%, reflecting declining sentiment. The number of active addresses on Solana also dropped to a weekly average of 9.5 million in February—down nearly 40% from 15.6 million in November 2024—marking a significant slowdown, according to CryptoVizArt, a senior analyst at Glassnode.
Despite these challenges, some industry analysts believe Solana’s long-term growth could benefit from overcoming these security threats. Blockchain researcher Aylo suggested in a Feb. 18 post on X that addressing these issues may ultimately strengthen the ecosystem.
For more news, find me on Twitter Giannis Andreou and subscribe to My channels Youtube and Rumble
What is your opinion on this particular topic? Leave us your comment below! We are always interested in your opinion!
