The Lazarus Group, believed to be linked to North Korea, has turned at least $300 million from its recent $1.5 billion cryptocurrency hack into funds that are now impossible to recover. The hackers stole the massive sum after breaching the ByBit crypto exchange.
Since the attack, investigators have been racing to block the hackers from converting the stolen digital assets into cash. According to experts, the group is working nearly nonstop, possibly channeling the funds into North Korea’s military operations.
Dr. Tom Robinson, co-founder of the crypto analytics firm Elliptic, explains that the hackers are using advanced techniques to erase their financial tracks. According to him, North Korea has perfected the art of laundering cryptocurrency, likely employing a dedicated team that works in shifts using automated tools to process transactions efficiently.
Elliptic estimates that around 20% of the stolen funds have already disappeared, meaning they are unlikely to be recovered. The United States and its allies accuse North Korea of executing numerous cyber heists in recent years to finance its nuclear and military programs.
The hackers gained access to one of ByBit’s service providers on Feb. 21 and used system manipulation to reroute a transfer of 401,000 Ether to their own digital wallets. ByBit initially believed the funds were going to its own wallet but soon realized it had fallen victim to a sophisticated scam.
CEO Ben Zhou reassured clients that their money was not affected and that the company had secured replacement funds from investors. He also vowed to fight back against Lazarus, launching a bounty program to encourage the public to track and freeze the stolen crypto.
Blockchain technology records every crypto transaction, allowing experts to follow the movement of stolen assets. If the hackers attempt to exchange the funds for traditional currency through a major crypto service, companies can freeze the funds if they detect criminal activity.
So far, the bounty program has helped identify $40 million in stolen assets, leading to $4 million in rewards for participants. Despite these efforts, experts remain doubtful that the majority of the stolen funds will be recovered, given North Korea’s expertise in cybercrime and money laundering.
Another challenge in stopping the hackers is the reluctance of some crypto exchanges to cooperate. ByBit and others have accused the eXch crypto exchange of allowing over $90 million in stolen funds to be cashed out.
The platform’s owner, Johann Roberts, initially claimed uncertainty over whether the funds were stolen but later stated that he is now cooperating. He also argued that identifying crypto users compromises the privacy and anonymity that digital currencies were meant to provide.
While the Lazarus Group once targeted banks, it has focused on cryptocurrency exchanges over the past five years due to weaker security measures. Notable heists linked to North Korea include the 2019 UpBit attack ($41 million), the 2020 KuCoin breach ($275 million), the 2022 Ronin Bridge hack ($600 million), and the 2023 Atomic Wallet theft ($100 million).
Crypto industry players like HIVE Blockchain Technologies Ltd. (NASDAQ: HIVE) (TSX.V: HIVE) are likely to closely examine what could have gone wrong to give hackers an opening to target ByBit. The lessons learned can help strengthen cybersecurity measures at other firms.
About CryptoCurrencyWire
CryptoCurrencyWire (“CCW”) is a specialized communications platform with a focus on blockchain and the cryptocurrency sector. It is one of 70+ brands within the Dynamic Brand Portfolio @ IBN that delivers: (1) access to a vast network of wire solutions via InvestorWire to efficiently and effectively reach a myriad of target markets, demographics and diverse industries; (2) article and editorial syndication to 5,000+ outlets; (3) enhanced press release enhancement to ensure maximum impact; (4) social media distribution via IBN to millions of social media followers; and (5) a full array of tailored corporate communications solutions. With broad reach and a seasoned team of contributing journalists and writers, CCW is uniquely positioned to best serve private and public companies that want to reach a wide audience of investors, influencers, consumers, journalists and the general public. By cutting through the overload of information in today’s market, CCW brings its clients unparalleled recognition and brand awareness. CCW is where breaking news, insightful content and actionable information converge.