Lazarus High Risk Bybit Hacking Investigation [CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001] - Wallet Analysis Report - Very High Risk - 0xbb27...2184
Published
15 Jul 2025
9 views
Wallet Name
Analysis Target Wallet (CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001) - 0xbb27...2184
Login to view LLM Analysis
Overview
Project Scope
Analysis of wallet 0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184 - Lazarus High Risk Bybit Hacking Investigation
Suspicious Wallet Hash
0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184
This is the primary wallet address being investigated in this report.
Methodology
Research Methodology
Automated Analysis Methodology for Wallet 0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184
1. Data Collection
- Automated transaction retrieval from blockchain
- Historical transaction pattern analysis
- Network connection mapping
2. Analysis Algorithms
- Multi-algorithm approach using 15 detection methods
- Statistical anomaly detection
- Behavioral pattern analysis
- Network-based risk assessment
3. Risk Scoring
- Weighted risk factor calculation
- Multi-dimensional analysis
- Historical comparison baseline
- Real-time pattern detection
4. Report Generation
- Automated findings compilation
- Risk level determination
- Recommendation synthesis
- Compliance-ready documentation
Data Collection
Data Collection Process for 0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184
1. Blockchain Data Retrieval
- Retrieved 15 analysis data points
- Collected complete transaction history
- Gathered network connection data
2. Analysis Processing
- Applied multiple detection algorithms
- Performed statistical analysis
- Generated risk indicators
- Created behavioral profiles
3. Quality Assurance
- Data validation checks
- Algorithm consistency verification
- Result accuracy confirmation
Data Preprocessing
Data Preprocessing Steps:
1. Data Cleaning
- Removed duplicate transactions
- Standardized timestamp formats
- Validated transaction data integrity
2. Feature Engineering
- Created time-based features
- Calculated statistical metrics
- Generated network features
3. Normalization
- Applied consistent scaling
- Handled missing values
- Optimized for analysis algorithms
Design Pattern
No design pattern information is available for this report.
Analysis
General Analysis Summary for 0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184
Risk Level: Very High Risk Score: 100/100 Total Issues Identified: 59 Suspicious Transactions: 15
Key Findings: - Automated analysis detected 15 suspicious transactions - Risk assessment indicates very high risk level - 59 total suspicious patterns identified across all algorithms - Standardized risk score: 100/100
Analysis Confidence: High (automated multi-algorithm approach) Recommendation: Immediate investigation required
No suspicious patterns detected.
0xbaab7b3d29665eda8e67bc1284fe5ad46f1d436ade6f12383d3ef13222f9c5e8: Very short time between transactions
0x67aa088ccd83d86158c373395665d81041c2fdd239e6de8abd2dc8a8634dd963: Very short time between transactions
0x65a462e43f9eb03ed323d8c97dcb1e15c48c61956c33b8cd27fc00902a4fe57e: Very short time between transactions
0x0bedd9b3094500a33d29f0ccc113df8cb138517dc632bfd6ad1cdeb0cb09573a: Very short time between transactions
0x030bd6648659e5606d50078da09fca833203cdaa825bb5a49892cd6b612a92b6: Very short time between transactions
0x34a41fff21c7d19a10caa5076ea75e75a83654c45b9cf1ba866d7cbca491326b: Very short time between transactions
0x5f761bd510ce75a6e9c9af5368d7d64ec12c05d0eb3d43881a427df845b9b4c5: Very short time between transactions
0x18e5955a6d442a6916264b6a84018f85d19568c055a23d84d5c9dc54b225c9cb: Very short time between transactions
0x989242c1a1f7726caf16a4e1c2839584910789e0dceea57b5de1ec2b069249d6: Very short time between transactions
0x90edee9dc6de01bfc72424e29eddc82a50b6ab6e4cf9f8cbd0633604e4946aa5: Very short time between transactions
0x9db630b3f8f0a89f822777bfca8f2d5dee0551a6cbf27bba5ad679d06df01591: Very short time between transactions
0x91563603d5e8057d51202fc02cd4c806980fc5418eecf949d443cf6df3cd6937: Very short time between transactions
0x229d1f048017d9e26c5bbbf217ec7f5650c6fcfaa1aceb7b1a2e54d6ebc0cf25: Very short time between transactions
0x8cf7ccf4fd7fad81ccda197316b62cc17453478486613e56228c43ec9088c99f: Very short time between transactions
0xbaab7b3d29665eda8e67bc1284fe5ad46f1d436ade6f12383d3ef13222f9c5e8: High frequency transactions (less than 1 minute interval)
0x67aa088ccd83d86158c373395665d81041c2fdd239e6de8abd2dc8a8634dd963: High frequency transactions (less than 1 minute interval)
0x65a462e43f9eb03ed323d8c97dcb1e15c48c61956c33b8cd27fc00902a4fe57e: High frequency transactions (less than 1 minute interval)
0x0bedd9b3094500a33d29f0ccc113df8cb138517dc632bfd6ad1cdeb0cb09573a: High frequency transactions (less than 1 minute interval)
0x030bd6648659e5606d50078da09fca833203cdaa825bb5a49892cd6b612a92b6: High frequency transactions (less than 1 minute interval)
0x34a41fff21c7d19a10caa5076ea75e75a83654c45b9cf1ba866d7cbca491326b: High frequency transactions (less than 1 minute interval), Regular interval transactions between the same wallets
0x5f761bd510ce75a6e9c9af5368d7d64ec12c05d0eb3d43881a427df845b9b4c5: High frequency transactions (less than 1 minute interval), Regular interval transactions between the same wallets
0x18e5955a6d442a6916264b6a84018f85d19568c055a23d84d5c9dc54b225c9cb: High frequency transactions (less than 1 minute interval)
0x989242c1a1f7726caf16a4e1c2839584910789e0dceea57b5de1ec2b069249d6: High frequency transactions (less than 1 minute interval)
0x90edee9dc6de01bfc72424e29eddc82a50b6ab6e4cf9f8cbd0633604e4946aa5: High frequency transactions (less than 1 minute interval)
0x9db630b3f8f0a89f822777bfca8f2d5dee0551a6cbf27bba5ad679d06df01591: High frequency transactions (less than 1 minute interval), Regular interval transactions between the same wallets
0x91563603d5e8057d51202fc02cd4c806980fc5418eecf949d443cf6df3cd6937: High frequency transactions (less than 1 minute interval), Regular interval transactions between the same wallets
0x229d1f048017d9e26c5bbbf217ec7f5650c6fcfaa1aceb7b1a2e54d6ebc0cf25: High frequency transactions (less than 1 minute interval), Regular interval transactions between the same wallets
0x8cf7ccf4fd7fad81ccda197316b62cc17453478486613e56228c43ec9088c99f: High frequency transactions (less than 1 minute interval)
Summary
Total Suspicious Transactions
15
Average Risk Score
55.8
Top Tags
No tags
Suspicious Transactions
| Transaction Hash | Risk Score | Risk Factors | Tags |
|---|---|---|---|
0x989242c…
|
45
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Very short time between transactions
Multiple round number transactions
Transaction amount significantly lower than average
Low transaction fee
Part of coordinated wallet cluster
Transaction amount halved compared to previous transaction
|
No tags
|
0x90edee9…
|
63
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Very short time between transactions
Transaction amount significantly lower than average
Low transaction fee
Anomaly detected by Isolation Forest
Transaction amount doubled compared to previous transaction
Part of coordinated wallet cluster
Regular interval transactions between the same wallets
|
No tags
|
0x8cf7ccf…
|
56
High
|
Repetitive transaction amount
Short time frame between transactions
High frequency transactions (less than 1 minute interval)
Rapid multi-hop layering pattern detected
Fan-in structuring detected: 4 similar amounts from different addresses totaling 0.00
Very short time between transactions
Transaction amount significantly lower than average
Fan-in structuring detected: 3 similar amounts from different addresses totaling 0.00
Low transaction fee
Part of coordinated wallet cluster
|
No tags
|
0xbaab7b3…
|
100
High
|
High frequency transactions (less than 1 minute interval)
Very short time between transactions
Transaction involves DeFi exploit address: Bybit Exploiter 54
Related to 153 high-risk transactions (highest score: 100)
Transaction amount significantly higher than user average
Transaction amount significantly higher than average
Low transaction fee
Anomaly detected by Isolation Forest
Large transaction amount
Receives funds from exploit address: 0x4571bd...
|
No tags
|
0x0bedd9b…
|
56
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Very short time between transactions
Transaction amount significantly lower than average
Low transaction fee
Anomaly detected by Isolation Forest
Transaction amount doubled compared to previous transaction
Part of coordinated wallet cluster
|
No tags
|
0x7483f7b…
|
51
High
|
Short time frame between transactions
Outgoing structuring detected: 4 similar amounts totaling 133.45
Very short time between transactions
Transaction amount significantly higher than average
Low transaction fee
Anomaly detected by Isolation Forest
Large transaction amount
Transaction amount halved compared to previous transaction
|
No tags
|
0x67aa088…
|
63
High
|
Short time frame between transactions
Rapid multi-hop layering pattern detected
Outgoing structuring detected: 4 similar amounts totaling 133.45
Very short time between transactions
Transaction amount significantly higher than average
Low transaction fee
Anomaly detected by Isolation Forest
Large transaction amount
Outgoing structuring detected: 3 similar amounts totaling 99.45
|
No tags
|
0x34a41ff…
|
50
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Outgoing structuring detected: 4 similar amounts totaling 133.45
Very short time between transactions
Transaction amount significantly higher than average
Low transaction fee
Anomaly detected by Isolation Forest
Large transaction amount
Transaction amount doubled compared to previous transaction
Outgoing structuring detected: 3 similar amounts totaling 99.45
|
No tags
|
0x5f761bd…
|
69
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Rapid multi-hop layering pattern detected
Rapid accumulation of large transactions
Outgoing structuring detected: 4 similar amounts totaling 133.45
Very short time between transactions
Transaction amount significantly higher than average
Low transaction fee
Anomaly detected by Isolation Forest
Large transaction amount
Outgoing structuring detected: 3 similar amounts totaling 99.45
|
No tags
|
0x65a462e…
|
60
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Rapid multi-hop layering pattern detected
Very short time between transactions
Multiple round number transactions
Transaction amount significantly lower than average
Low transaction fee
Part of coordinated wallet cluster
Transaction amount halved compared to previous transaction
|
No tags
|
0x030bd66…
|
54
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Very short time between transactions
Transaction amount significantly lower than average
Low transaction fee
Anomaly detected by Isolation Forest
Part of coordinated wallet cluster
|
No tags
|
0x18e5955…
|
65
High
|
High frequency transactions (less than 1 minute interval)
Short time frame between transactions
Rapid multi-hop layering pattern detected
Very short time between transactions
Multiple round number transactions
Transaction amount significantly lower than average
Low transaction fee
Part of coordinated wallet cluster
Regular interval transactions between the same wallets
|
No tags
|
0x9db630b…
|
42
High
|
Short time frame between transactions
Fan-in structuring detected: 4 similar amounts from different addresses totaling 0.00
Very short time between transactions
Transaction amount significantly lower than average
Low transaction fee
Part of coordinated wallet cluster
Transaction amount halved compared to previous transaction
|
No tags
|
0x9156360…
|
40
High
|
Repetitive transaction amount
Short time frame between transactions
High frequency transactions (less than 1 minute interval)
Fan-in structuring detected: 4 similar amounts from different addresses totaling 0.00
Very short time between transactions
Transaction amount significantly lower than average
Fan-in structuring detected: 3 similar amounts from different addresses totaling 0.00
Low transaction fee
Part of coordinated wallet cluster
|
No tags
|
0x229d1f0…
|
55
High
|
Repetitive transaction amount
Short time frame between transactions
Rapid multi-hop layering pattern detected
Fan-in structuring detected: 4 similar amounts from different addresses totaling 0.00
Very short time between transactions
Transaction amount significantly lower than average
Fan-in structuring detected: 3 similar amounts from different addresses totaling 0.00
Low transaction fee
Part of coordinated wallet cluster
|
No tags
|
Showing 1 to 10 of 0 transactions
Advanced Analysis Findings
No Local Outlier Factor analysis data is available for this report.
No wallet community detection data is available for this report.
No transaction layering pattern data is available for this report.
No address clustering data is available for this report.
No sanctioned address connection data is available for this report.
Suspicious Activities
Suspicious Activities Summary:
High Risk Activities: 15
Medium Risk Activities: 0
Total Flagged Transactions: 15
Pattern Categories:
- Network-based anomalies
- Behavioral inconsistencies
- Statistical outliers
- Temporal irregularities
Automated Detection Results:
- Algorithm coverage: Comprehensive
- Detection confidence: High
- Risk classification: Validated
Conclusions & Recommendations
Conclusions
Analysis Conclusions for 0xbb2792fce18fc7da3393a72bdc9cebbbe5d92184:
1. Risk Assessment
- Overall Risk Level: Very High
- Standardized Risk Score: 100/100
- Average Transaction Risk Score: 57.93
- Total Suspicious Patterns: 15
2. Key Findings
- Automated analysis completed successfully
- Multiple detection algorithms applied
- Comprehensive risk evaluation performed
- Standardized scoring methodology applied (score: 100/100)
3. Confidence Level
- Analysis Quality: High
- Data Coverage: Complete
- Algorithm Performance: Validated
4. Summary
The automated analysis has identified significant concerns.
Immediate action recommended.
Recommendations
Immediate Action Recommendations:
1. Priority Actions
- Escalate to compliance team immediately
- Implement enhanced monitoring
- Consider transaction restrictions
- Document all findings
2. Investigation Requirements
- Detailed transaction review required
- Source of funds investigation
- Enhanced due diligence protocols
- Regular monitoring updates
3. Compliance Measures
- File suspicious activity reports if required
- Implement know-your-customer procedures
- Apply enhanced monitoring protocols
- Document risk mitigation measures
Severity Assessment
Very High
Appendices & References
Appendices
Appendix A: Automated Analysis Results
Appendix B: Algorithm Details and Methodology
Appendix C: Risk Assessment Matrix
Appendix D: Transaction Pattern Analysis
Appendix E: Network Connection Analysis
Appendix F: Case Reference Documentation - CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001
Appendix G: Investigation Team Notes - Cladious Forensics Team
References
1. Blockchain Analysis Framework - Cladious Platform
2. Risk Assessment Guidelines - Financial Action Task Force (FATF)
3. Automated Analysis Documentation - Internal Methodology
Contact Information
Primary Analyst: Cladious Auto
Email: [email protected]
Generated: 2025-07-15 17:13:59 UTC
Investigation Team: Cladious Forensics Team
Case Reference: CLADIOUS-[BYBIT_HACKER_LAZARUS_ITER]-2025-001
Platform: Cladious Security Analysis Platform
For questions or additional analysis requests, please contact the investigation team.
This report contains confidential information and should be handled according to your organization's data protection policies.
Report Information
Author
Cladious Auto
Published Date
July 15, 2025
Views
9
Likes
0