Known-threat-actor cluster has touched protocol

Lista DAO's assessment for RD-F-158 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Known-threat-actor cluster signal not configured (CTI feed absent). Public OSINT: Bybit hack Feb 2025 Lazarus laundering used BNB Smart Chain broadly (PancakeSwap $263M of $400M laundered); no public report names lisUSD or slisBNB contracts as specific laundering venues. U4 applies — passive ecosystem venue use does not constitute a direct lista-dao touch. CTI feed required for production confidence.

Sources #

URL
TRM Labs: The Bybit Hack — Following North Korea's Largest ExploitTRM Labs: Bybit hack follow-the-money — Lazarus laundering pathsretrieved 2026-05-12

Methodology #

Detect whether an address from the curator-maintained threat-actor cluster (past exploiters, labeled attacker families) interacted with this protocol in the last 30 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lista-dao factor RD-F-158 score gray collected_at 2026-05-12 17:54:05