Poloniex, the crypto exchange owned by Tron founder Justin Sun, is offering a 5% white hat bounty to the hacker who stole more than $120 million worth of crypto assets from the platform last week. The hacker has until November 25 to return the funds and claim the reward, Sun said in a message to the hacker that was verified by Cryptoinfowatch.

Hacker’s tactics are similar to those used by the Lazarus Group

The exchange has identified and frozen some of the stolen funds and will reimburse the affected users, Sun said. He also said that police from China, the U.S. and Russia have intervened in the investigation and confirmed the hacker’s identity, without providing further details.

However, some market research platforms have speculated that the hacker could be linked to the North Korea-backed cybercriminal group, the Lazarus Group, which is notorious for targeting crypto exchanges and online casinos. The hacker’s tactics are similar to those used by the Lazarus Group in a previous attack on Stake.com, which involved a leakage of private keys and swapping tokens on decentralized exchanges, according to Chainalysis and CipherTrace, two blockchain analytics firms.

Good at covering their tracks

If this is true, then the chances of recovering the funds are very slim, as the Lazarus Group is known to operate with high sophistication and anonymity, said Kayla Izenman, a research analyst at the Royal United Services Institute, a London-based think tank.

“They are very good at covering their tracks and laundering their money through multiple jurisdictions and intermediaries,” she said.

The Poloniex hack is one of the largest and most recent incidents of crypto exchange hacking, which poses a serious threat to the security and trust of the crypto industry. It also highlights the need for better regulation and oversight of crypto exchanges, as well as more awareness and education among users about the risks and best practices of storing and managing their crypto assets.