zeroShadow and SEAL Lead Crypto Industry Coalition to Combat North Korean Cybercrime

July 16, 2025 – zeroShadow and Security Alliance (SEAL), leaders in crypto cybersecurity, announced a groundbreaking initiative to unite industry leaders in the fight against state-sponsored cybercrime, following revelations that North Korea laundered over $1B in stolen cryptocurrency between February and June 2025 from the Bybit hack. 

The scale and sophistication of these thefts, coupled with challenges in freezing and recovering stolen funds, demand urgent action. zeroShadow is spearheading a coalition with industry leaders, including past TraderTraitor victims Bybit, WazirX, and Sky Mavis, to address these threats through collaborative, actionable solutions.

Key Challenges:

• Preventing Attacks: North Korean actors like TraderTraitor exploit weak pre-compromise preparation. Companies need trusted communication channels with law enforcement and cybersecurity experts to deliver timely threat intelligence.

• Recovering Stolen Funds: The rapid laundering of stolen funds, often through Chinese money launderers and leveraging the jurisdictional uncertainty of victims and services, complicates recovery efforts. It is time for the industry-wide adoption of civil or voluntary legal processes, akin to traditional finance, to freeze and recover assets without over-relying on law enforcement.

• Addressing Decentralized Services: Over 95% of stolen funds from the Bybit hack flowed through decentralized platforms, which accrue fees from illicit transactions. These services should implement proactive measures to deter abuse by bad actors.

Call to Action:

zeroShadow invites crypto services, regulators, legal experts, and security researchers to join a virtual discussion in September 2025 to develop a unified strategy to simplify the freeze and recovery process and protect the Web3 ecosystem. Key topics include defining best practices for freezing and recovery across different services, and creating a private-sector coalition modeled on ICANN or NCTFA for voluntary fund recovery.

Ben Zhou, Co-founder and CEO of Bybit, said:

“At Bybit, we believe the strength of our industry lies in our ability to unite in the face of threats. The rise of sophisticated, state-sponsored cyberattacks is a wake-up call for all of us—we can no longer operate in silos when responding to these challenges.

As a recent target of the Lazarus Group, Bybit has significantly strengthened its security infrastructure. That’s why we’re proud to support and serve as a key member of the Coalition to Change Crypto Freezes & Recovery. Bybit is committed to helping shape and lead the standards for crypto security while enabling swift, effective responses to hacks. We firmly believe in collective responsibility.

We stand ready to work with all stakeholders to co-build and co-shape the lines of crypto security necessary to safeguard our users and secure the future of decentralized finance.”

Casey G, CEO of zeroShadow, added, “We saw the Bybit hack as a pivotal moment where the industry needed to start working together to take responsibility and create friction for bad actors. Together, we can help protect businesses and people from being hurt, and prevent stolen funds from fueling global threats.”

To participate in the September discussion, register at this link. To read the full article, please go to https://www.zeroshadow.io/post/coalition-public-statement 

About zeroShadow:

zeroShadow is a full-stack blockchain security firm dedicated to protecting the Web3 ecosystem through exploit prevention solutions, threat intelligence, and incident response.

Email: media@zeroshadow.io 

About SEAL:

The Security Alliance (SEAL) is a nonprofit organization dedicated to securing the future of crypto through the creation of public goods and coordination of Web2 and Web3 stakeholders.

Email: press@securityalliance.org 

Update from original post: initial meeting moved to September