According to online reports, Xian Xian, founder of Slow Fog, wrote on the X platform: "Through in-depth analysis and investigation in the past 30 days, through forensic analysis and association tracking, we have confirmed that the attacker is North Korea's Lazarus Group. This is a national APT attack against cryptocurrency exchanges. We decided to share relevant IOCs (Indicators of Compromise) attacks, including the use of IP addresses such as some cloud service providers and agents for emergency investigation by exchanges and relevant platforms. It should be noted that the disclosure in this article does not say which platform or platforms it is, nor does it say that it is Bybit. If there are similarities, it is really not impossible."