Showing posts with label DPRK Lazarus Group Crypto Heist. Show all posts

North Korea pulls off largest-ever theft in digital asset history


The 21 February heist of Bybit, a Dubai-based cryptocurrency exchange, removed a staggering $1.46 billion in cryptoassets, according to initial reports. In fact, this incident is likely the biggest known financial theft of all time. Bybit is the world’s second-largest cryptocurrency exchange by trading volume, with over 50 million registered users worldwide, as per a September 2024 report.

Bybit disclosed that over 400,000 Ethereum and staked Ethereum coins were stolen during the heist. These were initially stored in a "Multisig Cold Wallet"; however, the funds were somehow transferred to a hot wallet and then siphoned into wallets controlled by the attackers.

"The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing interface, displaying the correct address while altering the underlying smart contract logic," Bybit explained.


Investigation

According to crypto fraud investigator ZachXBT, the exploiter has already split 10,000 ETH of the roughly 401,346 ETH stolen in the attack across 48 addresses.

An independent investigation has revealed connections to the infamous Lazarus Group. A day after Bybit disclosed the attack, blockchain investigator ZachXBT shared findings connecting the hack to the DPRK-backed hacking group. ZachXBT submitted a detailed analysis of test transactions and connected wallets used just before the exploit, along with multiple graphs and timing analysis, which were included in the X post.


DPRK Crime State

The United States, South Korea, and Japan said in January that North Korean state-backed hacking groups stole over $659 million worth of cryptocurrency last year. Indeed, crypto and other financial theft is the primary avenue through which the heavily sanctioned Hermit Kingdom obtains hard currency to trade in illicit goods for its nuclear weapons and rocket programs.

However, one month earlier, blockchain analysis company Chainalysis painted a more dire picture, saying North Korean hackers stole $1.34 billion in cryptocurrency in 47 cyberattacks throughout 2024, breaking their previous record of $1.1 billion from 2022.