North Korea has gotten away with its biggest crypto heist yet, this time stealing approximately $1.4 billion worth of Ethereum, about 400,000 coins, from the cryptocurrency exchange Bybit. The company’s CEO Ben Zhou said on Monday that the company had been able to raise new funding to fill the gap and that Bybit can cover all withdrawals, though you might remember a certain other exchange CEO who made the same promise before his exchange abruptly collapsed.
The company is offering a 10% bounty for any funds that are returned, though security researchers say that 10% of the stolen funds have already been laundered and likely cannot be returned.
Because cryptocurrency transactions are recorded on a public blockchain, researchers were quick to identify North Korea’s state-sponsored hacking group Lazarus Group as responsible for this latest heist. According to TechCrunch, Tom Robinson, co-founder of blockchain monitoring firm Elliptic, told the site that many of the funds stolen from Bybit were “being commingled with funds from multiple DPRK-attributed thefts.”
Lazarus has been behind a slew of other crypto thefts in recent years, most notably the attack on crypto gaming company Axie Infinity in which hackers managed to run off with $625 million.
North Korea was pushed to hone its crypto-hacking skills after being hit with tightened economic sanctions in 2017 that banned the export of North Korean goods including coal and textiles, in response to the country’s continued testing of nuclear weapons. Crypto, of course, is a decentralized technology: there is no bank or regulatory body that can stop the money from moving around or freeze a wallet (though Tether, a stablecoin provider, is able to freeze sanctioned wallets).
In the case of the Bybit attack, it appears that Lazarus used social engineering to trick exchange employees into signing off on a transaction they believed was a routine transfer but that instead let the hackers change the contract’s logic and take control of a wallet holding customer funds. Exactly how that happened is still a matter of speculation, but it is a good reminder of how fragile many of these exchanges are: a couple of humans are the last line of defense, and the money cannot easily be clawed back once it is gone. Ironically, Bybit’s cold wallet was called the “Genesis SAFE.” Not exactly ‘safe’ if your employees can be tricked into signing a malicious transaction.
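The lesson of that paragraph is that the approvers were the last line of defense and signed what the interface showed them rather than what the transaction actually did. The following is an added example, not Bybit’s code or anything from the article, of the independent check a signer’s tooling can run before approving: the approver states the transfer they expect, the check decodes the real ABI calldata and rejects anything that differs. The ERC-20 function selectors are the real ones; the transaction fields are a simplified assumption of a multisig wallet’s format, and every address and calldata value is a constructed placeholder.

```python
# Added example (not Bybit's code): an independent "what am I really
# signing?" check for a pending wallet transaction. The approver states the
# intent (a plain ERC-20 transfer of N units to recipient R via token contract
# T); the check decodes the actual calldata and refuses anything that does not
# match that intent exactly. All addresses and calldata are constructed samples.
from dataclasses import dataclass

# Real 4-byte ERC-20 selectors (first 4 bytes of keccak256 of the signature).
KNOWN_SELECTORS = {
    "a9059cbb": "transfer(address,uint256)",
    "095ea7b3": "approve(address,uint256)",
    "23b872dd": "transferFrom(address,address,uint256)",
}


@dataclass(frozen=True)
class Intent:
    """What the human approver believes they are signing."""
    token: str       # ERC-20 contract expected to be called
    recipient: str   # expected destination address
    amount: int      # expected amount in raw token units


@dataclass(frozen=True)
class PendingTx:
    """The call as it will actually execute (assumed, simplified wallet fields)."""
    to: str          # contract actually being called
    value_wei: int   # native ETH attached to the call
    data: bytes      # ABI-encoded calldata


def decode_calldata(data: bytes):
    """Return (selector_hex, signature_or_None, decoded_args)."""
    if len(data) < 4:
        return "", None, []
    selector = data[:4].hex()
    sig = KNOWN_SELECTORS.get(selector)
    if sig is None:
        return selector, None, []
    types = sig[sig.index("(") + 1:-1].split(",")
    words = data[4:]
    if len(words) != 32 * len(types):
        return selector, None, []           # malformed: treat as unknown
    args = []
    for i, typ in enumerate(types):
        word = words[32 * i:32 * (i + 1)]
        if typ == "address":
            args.append("0x" + word[12:].hex())   # address is right-aligned in its 32-byte word
        else:
            args.append(int.from_bytes(word, "big"))
    return selector, sig, args


def check_before_signing(tx: PendingTx, intent: Intent):
    """Return (ok, reason). Anything that is not exactly the stated transfer is rejected."""
    selector, sig, args = decode_calldata(tx.data)
    if sig is None:
        return False, f"unrecognised or malformed call (selector {selector!r}); refuse to blind-sign"
    if tx.to.lower() != intent.token.lower():
        return False, f"calls {tx.to}, but the expected token contract is {intent.token}"
    if tx.value_wei != 0:
        return False, "a token transfer should not attach native ETH"
    if sig != "transfer(address,uint256)":
        return False, f"function is {sig}, not a plain transfer"
    recipient, amount = args
    if recipient.lower() != intent.recipient.lower():
        return False, f"recipient {recipient} differs from expected {intent.recipient}"
    if amount != intent.amount:
        return False, f"amount {amount} differs from expected {intent.amount}"
    return True, "calldata matches the stated intent"


def encode_transfer(recipient: str, amount: int) -> bytes:
    """Constructed helper: ABI-encode transfer(address,uint256) for the samples."""
    addr = bytes.fromhex(recipient[2:]).rjust(32, b"\x00")
    return bytes.fromhex("a9059cbb") + addr + amount.to_bytes(32, "big")


# Constructed placeholder values, not real contracts or wallets.
TOKEN = "0x" + "11" * 20
TREASURY = "0x" + "22" * 20
OTHER = "0x" + "33" * 20
INTENT = Intent(token=TOKEN, recipient=TREASURY, amount=10**18)

SAMPLES = {
    "routine": PendingTx(TOKEN, 0, encode_transfer(TREASURY, 10**18)),
    "wrong_recipient": PendingTx(TOKEN, 0, encode_transfer(OTHER, 10**18)),
    "wrong_contract": PendingTx(OTHER, 0, encode_transfer(TREASURY, 10**18)),
    "unknown_function": PendingTx(TOKEN, 0, bytes.fromhex("0badc0de") + bytes(32)),
}


def review_all():
    """Run the check over every sample; returns {name: ok}."""
    return {name: check_before_signing(tx, INTENT)[0] for name, tx in SAMPLES.items()}


if __name__ == "__main__":
    for name, tx in SAMPLES.items():
        ok, reason = check_before_signing(tx, INTENT)
        print(f"{name:18} {'SIGN' if ok else 'REJECT':6} {reason}")
```

The design point is that the check takes its expectation from the approver, not from the interface that presented the transaction, so a compromised front end that shows a routine transfer while submitting different calldata has nothing to spoof. Only the "routine" sample passes; an unknown function, a different destination contract, or a changed recipient is refused rather than signed on trust.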
Though there are ways to make converting stolen funds into actual cash difficult, North Korea has found workarounds, such as mixing services that obfuscate the origin and destination of funds. The country continues to sit on tens of millions worth of cryptocurrency stolen over the years, suggesting it is content to wait until it finds a way to cash out.
Crypto skeptics say hacks like these are a prime example of why regulations are needed. North Korea cannot steal fiat currency in the same way because the money has to move through a global web of banks that must follow strict anti-money laundering and KYC (know-your-customer) laws. Proponents of crypto would argue that plenty of fraud already occurs using fiat money and that crypto mixing services are a matter of personal privacy. Wealthy individuals or dissidents should be able to mask their funds so they do not become a target, for instance. You can bet your money that Kim Jong Un agrees.