Lazarus High Risk Bybit Hacking Investigation [CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001] - Wallet Analysis Report - Very High Risk - 0x238a...4e49
Published
14 Jul 2025
9 views
Wallet Name
Analysis Target Wallet (CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001) - 0x238a...4e49
Login to view LLM Analysis
Overview
Project Scope
Analysis of wallet 0x238a1a910a97b8aa75e521776bed76e51bab4e49 - Lazarus High Risk Bybit Hacking Investigation
Suspicious Wallet Hash
0x238a1a910a97b8aa75e521776bed76e51bab4e49
This is the primary wallet address being investigated in this report.
Methodology
Research Methodology
Automated Analysis Methodology for Wallet 0x238a1a910a97b8aa75e521776bed76e51bab4e49
1. Data Collection
- Automated transaction retrieval from blockchain
- Historical transaction pattern analysis
- Network connection mapping
2. Analysis Algorithms
- Multi-algorithm approach using 27 detection methods
- Statistical anomaly detection
- Behavioral pattern analysis
- Network-based risk assessment
3. Risk Scoring
- Weighted risk factor calculation
- Multi-dimensional analysis
- Historical comparison baseline
- Real-time pattern detection
4. Report Generation
- Automated findings compilation
- Risk level determination
- Recommendation synthesis
- Compliance-ready documentation
Data Collection
Data Collection Process for 0x238a1a910a97b8aa75e521776bed76e51bab4e49
1. Blockchain Data Retrieval
- Retrieved 27 analysis data points
- Collected complete transaction history
- Gathered network connection data
2. Analysis Processing
- Applied multiple detection algorithms
- Performed statistical analysis
- Generated risk indicators
- Created behavioral profiles
3. Quality Assurance
- Data validation checks
- Algorithm consistency verification
- Result accuracy confirmation
Data Preprocessing
Data Preprocessing Steps:
1. Data Cleaning
- Removed duplicate transactions
- Standardized timestamp formats
- Validated transaction data integrity
2. Feature Engineering
- Created time-based features
- Calculated statistical metrics
- Generated network features
3. Normalization
- Applied consistent scaling
- Handled missing values
- Optimized for analysis algorithms
Design Pattern
No design pattern information is available for this report.
Analysis
General Analysis Summary for 0x238a1a910a97b8aa75e521776bed76e51bab4e49
Risk Level: Very High Risk Score: 100/100 Total Issues Identified: 105 Suspicious Transactions: 27
Key Findings: - Automated analysis detected 27 suspicious transactions - Risk assessment indicates very high risk level - 105 total suspicious patterns identified across all algorithms - Standardized risk score: 100/100
Analysis Confidence: High (automated multi-algorithm approach) Recommendation: Immediate investigation required
No suspicious patterns detected.
0x630b74b0fdfcbd03fcf01eb34f05851e44277b32a7ff4e5661be687291b785b6: Very short time between transactions
0x1c5467646c24545bbcffe1c63e348a5738a5444899354a85259dbd3cd0d60a8f: Very short time between transactions
0xce915a889948ab405fd1e30fab43cd1830758dcac55023181211a38292a4be09: Very short time between transactions
0x8862705db41b73103f60c633a305997fa06a3bce63ff2b9a104f1bea44f7344e: Very short time between transactions
0xebc1ebd4c2ce1e556f2db065f3f807ca06a1547aec0b6e08f55dee60c57b54dc: Very short time between transactions
0xe4520c05c6071d607217a8809332293d0516dc2a77df71450d6ae571d93b1c42: Very short time between transactions
0x74e1ac2753ef47a407ca8d0b351259a6badf25bf8d01598cc89824045251d8a5: Very short time between transactions
0xecf322806ea41a858ea6e662de24b5ad21f119d7be6fa0ff3d4acb6a5a0ac0f2: Very short time between transactions
0x2137eaad3c8a9fe2f0078be6c7bf5964ab206da76a71c9880953bcfa3511240d: Very short time between transactions
0x756eacb31c81ff31902e1254093fa4c01d634370176e995019f5d04025d75e26: Very short time between transactions
0xda66e68c711dbc7646679189a737ff688a86b97da0a9c26220623ad23136b47b: Very short time between transactions
0x973c790d8a6a1bf22a060a2e47eb0381b2e1600ce52ed6a288baa53b4005974b: Very short time between transactions
0x84140141954075f4f71290a2969e7978eef8586197f68846910ae3b4a996c198: Very short time between transactions
0x2bd4b08f09f03749df88def53edc0e79c49778d2b571c5c6d790dcbce1dfb393: Very short time between transactions
0xd5c804645fb597b0e3da1085a482ec30ab98e363db06f9ca263ce2ccbc825ee5: Very short time between transactions
0x8231f1744e7913f8cf27fe0f8f6f6b880807ec90d420e984592d2513ec91a284: Very short time between transactions
0xd88d547ca9e2541b22cbf5cf4d1341818084f83cb76f9c1de5b496fa95727af3: Very short time between transactions
0xba7024f6d510b8e3444933941d1c33954f54f8fb9a4f82983db3292985d5f02f: Very short time between transactions
0x8bd9ba38a05b2b3c9d3d233494c4c88e01d196f182b11b0b2f5fb8153bf79935: Very short time between transactions
0xd4fceb1c16e09bf19d8d35887806e16542e6973ac3995379d0faf1d7d455768e: Very short time between transactions
0x399080cb04f4719b28a3f103234339c9e7a5810ed91b29211a7459da4bd8bbad: Very short time between transactions
0xa7e09758760016d4ccb90e89da147c91583f96fcf2627ba0bbd9dc73d0094083: Very short time between transactions
0xaabcdf5b6865fee1498f9835897949d62d61ac67bd4b7f1eabf0bbed7d5db946: Very short time between transactions
0xc531570d619cc92e2ee01ee59581bb6405a81a32df2091dbd38a8b067a81f648: Very short time between transactions
0x630b74b0fdfcbd03fcf01eb34f05851e44277b32a7ff4e5661be687291b785b6: Transaction amount significantly higher than average
0x8862705db41b73103f60c633a305997fa06a3bce63ff2b9a104f1bea44f7344e: Transaction amount halved compared to previous transaction
0xe4520c05c6071d607217a8809332293d0516dc2a77df71450d6ae571d93b1c42: Transaction amount halved compared to previous transaction
0x8231f1744e7913f8cf27fe0f8f6f6b880807ec90d420e984592d2513ec91a284: Transaction amount halved compared to previous transaction
0xd88d547ca9e2541b22cbf5cf4d1341818084f83cb76f9c1de5b496fa95727af3: Transaction amount significantly higher than average, Transaction amount doubled compared to previous transaction
0xc531570d619cc92e2ee01ee59581bb6405a81a32df2091dbd38a8b067a81f648: Transaction amount significantly higher than average, Transaction amount doubled compared to previous transaction
0xfcdebe95a7935a765edb69b95807ce3d7eba754e40453c8dc636e50e3d23fcf0: Transaction amount significantly higher than average, Transaction amount doubled compared to previous transaction
0x630b74b0fdfcbd03fcf01eb34f05851e44277b32a7ff4e5661be687291b785b6: High frequency transactions (less than 1 minute interval)
0x1c5467646c24545bbcffe1c63e348a5738a5444899354a85259dbd3cd0d60a8f: High frequency transactions (less than 1 minute interval)
0xce915a889948ab405fd1e30fab43cd1830758dcac55023181211a38292a4be09: High frequency transactions (less than 1 minute interval)
0x8862705db41b73103f60c633a305997fa06a3bce63ff2b9a104f1bea44f7344e: High frequency transactions (less than 1 minute interval)
0xebc1ebd4c2ce1e556f2db065f3f807ca06a1547aec0b6e08f55dee60c57b54dc: High frequency transactions (less than 1 minute interval)
0xe4520c05c6071d607217a8809332293d0516dc2a77df71450d6ae571d93b1c42: High frequency transactions (less than 1 minute interval)
0x74e1ac2753ef47a407ca8d0b351259a6badf25bf8d01598cc89824045251d8a5: High frequency transactions (less than 1 minute interval)
0xecf322806ea41a858ea6e662de24b5ad21f119d7be6fa0ff3d4acb6a5a0ac0f2: High frequency transactions (less than 1 minute interval)
0x2137eaad3c8a9fe2f0078be6c7bf5964ab206da76a71c9880953bcfa3511240d: High frequency transactions (less than 1 minute interval)
0x756eacb31c81ff31902e1254093fa4c01d634370176e995019f5d04025d75e26: High frequency transactions (less than 1 minute interval)
0xda66e68c711dbc7646679189a737ff688a86b97da0a9c26220623ad23136b47b: High frequency transactions (less than 1 minute interval)
0x973c790d8a6a1bf22a060a2e47eb0381b2e1600ce52ed6a288baa53b4005974b: High frequency transactions (less than 1 minute interval)
0x84140141954075f4f71290a2969e7978eef8586197f68846910ae3b4a996c198: High frequency transactions (less than 1 minute interval)
0x2bd4b08f09f03749df88def53edc0e79c49778d2b571c5c6d790dcbce1dfb393: High frequency transactions (less than 1 minute interval)
0xd5c804645fb597b0e3da1085a482ec30ab98e363db06f9ca263ce2ccbc825ee5: High frequency transactions (less than 1 minute interval)
0x8231f1744e7913f8cf27fe0f8f6f6b880807ec90d420e984592d2513ec91a284: High frequency transactions (less than 1 minute interval)
0xb87cf7958406c87160fd9c9fae5cc9f81c9c4668dfc613f84f5925e310f4cacd: Regular interval transactions between the same wallets
0xba7024f6d510b8e3444933941d1c33954f54f8fb9a4f82983db3292985d5f02f: High frequency transactions (less than 1 minute interval)
0x8bd9ba38a05b2b3c9d3d233494c4c88e01d196f182b11b0b2f5fb8153bf79935: High frequency transactions (less than 1 minute interval)
0xd4fceb1c16e09bf19d8d35887806e16542e6973ac3995379d0faf1d7d455768e: High frequency transactions (less than 1 minute interval)
0x399080cb04f4719b28a3f103234339c9e7a5810ed91b29211a7459da4bd8bbad: High frequency transactions (less than 1 minute interval)
0xa7e09758760016d4ccb90e89da147c91583f96fcf2627ba0bbd9dc73d0094083: High frequency transactions (less than 1 minute interval)
0xaabcdf5b6865fee1498f9835897949d62d61ac67bd4b7f1eabf0bbed7d5db946: High frequency transactions (less than 1 minute interval)
0xc531570d619cc92e2ee01ee59581bb6405a81a32df2091dbd38a8b067a81f648: High frequency transactions (less than 1 minute interval)
Summary
Total Suspicious Transactions
27
Average Risk Score
48.26
Top Tags
No tags
Suspicious Transactions
| Transaction Hash | Risk Score | Risk Factors | Tags |
|---|---|---|---|
0xce915a8…
|
35
Medium
|
Short time frame between transactions
Anomaly detected by Isolation Forest
High frequency transactions (less than 1 minute interval)
Related to 4 high-risk transactions (highest score: 82)
Transaction amount doubled compared to previous transaction
Very short time between transactions
|
No tags
|
0x8862705…
|
49
High
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0xebc1ebd…
|
37
Medium
|
Short time frame between transactions
Multiple round number transactions
Local Outlier Factor (LOF) detected as anomaly
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0x74e1ac2…
|
37
Medium
|
Short time frame between transactions
Multiple round number transactions
Local Outlier Factor (LOF) detected as anomaly
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0xecf3228…
|
34
Medium
|
Short time frame between transactions
Multiple round number transactions
Local Outlier Factor (LOF) detected as anomaly
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x2137eaa…
|
34
Medium
|
Short time frame between transactions
Multiple round number transactions
Local Outlier Factor (LOF) detected as anomaly
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x756eacb…
|
34
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Multiple round number transactions
Local Outlier Factor (LOF) detected as anomaly
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0xda66e68…
|
26
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Multiple round number transactions
High frequency transactions (less than 1 minute interval)
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x973c790…
|
48
High
|
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Transaction amount significantly higher than user average
Local Outlier Factor (LOF) detected as anomaly
Related to 3 high-risk transactions (highest score: 82)
Transaction amount doubled compared to previous transaction
Very short time between transactions
|
No tags
|
0x8414014…
|
53
High
|
Short time frame between transactions
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Transaction amount significantly higher than user average
Local Outlier Factor (LOF) detected as anomaly
Transaction amount doubled compared to previous transaction
Very short time between transactions
|
No tags
|
0xd5c8046…
|
34
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Local Outlier Factor (LOF) detected as anomaly
High frequency transactions (less than 1 minute interval)
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x1c54676…
|
43
High
|
Short time frame between transactions
Multiple round number transactions
High frequency transactions (less than 1 minute interval)
Rapid multi-hop layering pattern detected
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0xba7024f…
|
43
High
|
Related to 57 high-risk transactions (highest score: 100)
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Transaction amount doubled compared to previous transaction
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x2bd4b08…
|
34
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Local Outlier Factor (LOF) detected as anomaly
High frequency transactions (less than 1 minute interval)
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x630b74b…
|
100
High
|
Local Outlier Factor (LOF) detected as anomaly
Related to 24 high-risk transactions (highest score: 100)
Transaction involves DeFi exploit address: Bybit Exploiter 1
Sends funds to exploit address: 0x47666f...
Address became active after a long inactive period
Transaction amount doubled compared to previous transaction
Transaction amount significantly lower than average
|
No tags
|
0xd88d547…
|
100
High
|
Short time frame between transactions
Transaction involves DeFi exploit address: Bybit Exploiter 44
Related to 8 high-risk transactions (highest score: 100)
Sends funds to exploit address: 0xbca02b...
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0xfcdebe9…
|
100
High
|
Short time frame between transactions
Transaction involves DeFi exploit address: Bybit Exploiter 44
Related to 8 high-risk transactions (highest score: 100)
Transaction amount doubled compared to previous transaction
Sends funds to exploit address: 0xbca02b...
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0xbb0450c…
|
45
High
|
Short time frame between transactions
Multiple round number transactions
Rapid multi-hop layering pattern detected
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0xe4520c0…
|
47
High
|
Short time frame between transactions
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Related to 3 high-risk transactions (highest score: 82)
Transaction amount doubled compared to previous transaction
Very short time between transactions
|
No tags
|
0xb87cf79…
|
45
High
|
Short time frame between transactions
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Very short time between transactions
Related to 57 high-risk transactions (highest score: 100)
|
No tags
|
0x8bd9ba3…
|
25
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
High frequency transactions (less than 1 minute interval)
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0xd4fceb1…
|
25
Medium
|
Short time frame between transactions
Related to 57 high-risk transactions (highest score: 100)
Multiple round number transactions
Repetitive transaction amount
Very short time between transactions
Transaction amount significantly lower than average
|
No tags
|
0x399080c…
|
42
High
|
Short time frame between transactions
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Transaction amount doubled compared to previous transaction
Very short time between transactions
Related to 57 high-risk transactions (highest score: 100)
|
No tags
|
0xa7e0975…
|
41
High
|
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Transaction amount significantly higher than user average
Address became active after a long inactive period
Related to 57 high-risk transactions (highest score: 100)
|
No tags
|
0xaabcdf5…
|
46
High
|
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Local Outlier Factor (LOF) detected as anomaly
Transaction amount significantly higher than user average
Very short time between transactions
Related to 57 high-risk transactions (highest score: 100)
|
No tags
|
0xc531570…
|
100
High
|
Short time frame between transactions
Sends funds to exploit address: 0xe9bc55...
High frequency transactions (less than 1 minute interval)
Transaction involves DeFi exploit address: Bybit Exploiter 43
Related to 15 high-risk transactions (highest score: 100)
Very short time between transactions
Transaction amount significantly lower than average
Transaction amount halved compared to previous transaction
|
No tags
|
0x8231f17…
|
46
High
|
Transaction amount significantly higher than average
Anomaly detected by Isolation Forest
Transaction amount significantly higher than user average
Local Outlier Factor (LOF) detected as anomaly
Low transaction fee
Address became active after a long inactive period
Transaction amount doubled compared to previous transaction
|
No tags
|
Showing 1 to 10 of 0 transactions
Advanced Analysis Findings
No Local Outlier Factor analysis data is available for this report.
No wallet community detection data is available for this report.
No transaction layering pattern data is available for this report.
No address clustering data is available for this report.
No sanctioned address connection data is available for this report.
Suspicious Activities
Suspicious Activities Summary:
High Risk Activities: 27
Medium Risk Activities: 0
Total Flagged Transactions: 27
Pattern Categories:
- Network-based anomalies
- Behavioral inconsistencies
- Statistical outliers
- Temporal irregularities
Automated Detection Results:
- Algorithm coverage: Comprehensive
- Detection confidence: High
- Risk classification: Validated
Conclusions & Recommendations
Conclusions
Analysis Conclusions for 0x238a1a910a97b8aa75e521776bed76e51bab4e49:
1. Risk Assessment
- Overall Risk Level: Very High
- Standardized Risk Score: 100/100
- Average Transaction Risk Score: 48.26
- Total Suspicious Patterns: 27
2. Key Findings
- Automated analysis completed successfully
- Multiple detection algorithms applied
- Comprehensive risk evaluation performed
- Standardized scoring methodology applied (score: 100/100)
3. Confidence Level
- Analysis Quality: High
- Data Coverage: Complete
- Algorithm Performance: Validated
4. Summary
The automated analysis has identified significant concerns.
Immediate action recommended.
Recommendations
Immediate Action Recommendations:
1. Priority Actions
- Escalate to compliance team immediately
- Implement enhanced monitoring
- Consider transaction restrictions
- Document all findings
2. Investigation Requirements
- Detailed transaction review required
- Source of funds investigation
- Enhanced due diligence protocols
- Regular monitoring updates
3. Compliance Measures
- File suspicious activity reports if required
- Implement know-your-customer procedures
- Apply enhanced monitoring protocols
- Document risk mitigation measures
Severity Assessment
Very High
Appendices & References
Appendices
Appendix A: Automated Analysis Results
Appendix B: Algorithm Details and Methodology
Appendix C: Risk Assessment Matrix
Appendix D: Transaction Pattern Analysis
Appendix E: Network Connection Analysis
Appendix F: Case Reference Documentation - CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001
Appendix G: Investigation Team Notes - Cladious Forensics Team
References
1. Blockchain Analysis Framework - Cladious Platform
2. Risk Assessment Guidelines - Financial Action Task Force (FATF)
3. Automated Analysis Documentation - Internal Methodology
Contact Information
Primary Analyst: Cladious Auto
Email: [email protected]
Generated: 2025-07-14 00:03:32 UTC
Investigation Team: Cladious Forensics Team
Case Reference: CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001
Platform: Cladious Security Analysis Platform
For questions or additional analysis requests, please contact the investigation team.
This report contains confidential information and should be handled according to your organization's data protection policies.
Report Information
Author
Cladious Auto
Published Date
July 14, 2025
Views
9
Likes
0