James Evison recently posted about James Howells, the man whose ex-partner accidentally threw away a hard drive containing the key to bitcoin worth hundreds of millions.
When people talk about cryptocurrency being lost or stolen, most of the time what they are talking about is the loss or theft of the key which gives a user the right to deal in the cryptocurrency.
A hard drive, of course, is so-called “cold storage” for crypto keys, and is thereby protected, to some extent at least, from hacking.
Some people choose to hold their keys in “hot wallets” (i.e. in applications connected to the internet), or on cryptocurrency exchanges such as Binance, ByBit or Coinbase. That is more convenient, but makes keys far more vulnerable to being hacked.
That is exactly what happened, on a vast scale, to ByBit in February 2025. Hackers, said to be from North Korea, stole keys to USD1.4bn worth of Ethereum in ByBit’s digital wallet.
What is interesting is two aspects of what happened next:
First, ByBit said it would compensate anyone affected by the theft. That is relatively unusual in the world of cryptocurrency and will be a source of considerable comfort to those affected. Of course, in most cases those who lose cryptocurrency still cannot expect such reimbursement, though this may change as the market evolves.
Secondly, ByBit has offered a bounty to anyone who “joins in the war against Lazarus” (the hacker group behind the theft), and helps to identify stolen funds. This is an innovative way of funding the recovery of stolen assets, and worth considering alongside classic litigation funding which may assist if victims pursue legal routes to recovery.
As to legal means of redress, while the flexible rules of English law, defined by reference to fundamental concepts which are adaptable to many contexts, have proven more effective in dealing with crypto than some jurisdictions, recovery of stolen crypto is still a difficult and evolving field. Lawyers are having to learn fast to understand the technicalities of crypto transactions, so that they can think about how to obtain information about the fraudster and freeze and recover funds.
Victims located in England & Wales can apply for disclosure orders against crypto exchanges (some of which now KYC their clients) where the scammer’s wallet is held in an attempt to identify the fraudster or recipient of the stolen funds, as well as making claims for return of assets against the fraudsters, exchanges or other innocent recipients. These applications and claims are, however, very costly. Further, return of assets received by innocent parties such as exchanges requires them to be identified: that costs money, and is made much more difficult by the use of “mixers” and “bridges”.
Transactions can be analysed by specialists to track stolen assets, at an upfront cost. ByBit’s “bounty” approach however could allow it to scale up such investigations by multiplying the number of third parties assisting in tracking stolen funds.
For more information, please visit: LazarusBounty Instant 10% Rewards for Fund Recovery Hack Investigation $140m Bounty Rewards
Deliya Meylanova