March 1, 2025
North Korea Behind $1.5B Bybit Crypto Hack: FBI

  • North Korea was behind the $1.5B Bybit crypto hack, the FBI said.
  • Virtual assets were stolen from Dubai-based cryptocurrency exchange Bybit earlier this month.
  • It’s believed to be the biggest digital heist in history.

North Korea was likely behind the theft of $1.5 billion in virtual assets from Dubai-based cryptocurrency exchange Bybit, according to the FBI.

It said that a North Korean group called TraderTraitor, which is also referred to as the Lazarus Group, was behind the hack.

Last Friday, Bybit said that hackers had seized control of a wallet used to store Ethereum, and transferred its contents to another address.

Ben Zhou, Bybit’s CEO, said that the hack had affected around 401,000 Ethereum and had occurred as the company attempted a routine transfer from a cold wallet — an offline storage system — to a warm wallet used for daily trading.

“Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic,” the company said in a post on X.

On Wednesday, the FBI said that TraderTraitor actors were “proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains.”

“It is expected these assets will be further laundered and eventually converted to fiat currency,” it added.

It also urged the private sector to help block transactions from addresses associated with TraderTraitor.

Blockchain investigations firm TRM described the hack as the “largest exploit on record,” and said that, with a “high degree of confidence,” it believed North Korea was behind the theft.

“This assessment is based on substantial overlaps observed between addresses controlled by the Bybit hackers and those linked to prior North Korean thefts,” it said.

Bybit is one of the largest crypto exchanges in the world.

Jake Moore, a UK-based cybersecurity advisor, told BI that the attack exposed vulnerabilities in cryptocurrency security, especially storage systems.

“The level of coordination of this attack points towards an established group large enough and knowledgeable enough to pull this off,” he said.

In a post on X, Bybit’s Zhou shared the FBI announcement, as well as a link to a site offering a $140 million bounty for help in tracing and freezing the stolen assets.

North Korea has been behind a string of cyber attacks and online heists in recent years, with security experts saying that it uses them as a source of much-needed funds to boost its economy.

“Due to government support and direction, cyber-attacks have become a thriving ‘field’ in North Korea, both for classic espionage and to supplement its dire finances,” cyber security firm NCC Group said in a 2022 report.