Bybit breach: Hackers cash out stolen cryptocurrency worth $300M
What's the story
The notorious Lazarus Group, a hacking team believed to be associated with the North Korean government, has cashed out at least $300 million from a recent $1.5 billion crypto theft.
In the breach in question, cryptocurrency exchange Bybit was compromised two weeks ago.
Since then, attempts to trace and prevent these hackers from cashing out the stolen cryptocurrency have been underway.
Military funding
Experts speculate on potential military funding
Dr. Tom Robinson, co-founder of crypto investigative firm Elliptic, speculates the hackers could be funneling their ill-gotten gains into North Korea's military development.
He said, "Every minute matters for the hackers who are trying to confuse the money trail and they are extremely sophisticated in what they're doing."
Robinson further emphasized North Korea's expertise in laundering cryptocurrency, suggesting an entire team may be dedicated to it.
"I imagine they have an entire room of people doing this," he said.
Bybit's measures
Bybit's response and the Lazarus bounty program
The hacking incident took place on February 21, when the hackers compromised one of Bybit's suppliers and stealthily changed the digital wallet address for transferring 401,000 Ethereum coins.
Despite the breach, Ben Zhou, CEO of Bybit, reassured customers that none of their funds had been taken.
The firm has since replenished the stolen coins with loans from investors and initiated a "war on Lazarus" through its Lazarus Bounty program, which encourages public participation in tracing and freezing stolen funds.
Recovery hurdles
Challenges in recovering stolen funds
Despite the public blockchain enabling tracking of all crypto transactions, experts are still skeptical about recovering most of the stolen funds, given North Korea's expertise in hacking and laundering money.
Dr. Dorit Dor of cybersecurity company Check Point said North Korea has built a successful industry for hacking and laundering in its closed system and economy.
She added that they don't care about the negative impression of cybercrime.
Exchange controversy
eXch exchange accused of facilitating criminals
The crypto exchange eXch has been accused by Bybit and others of not stopping the criminals from cashing out. Over $90 million has been successfully funneled through this platform.
eXch owner Johann Roberts disputed these claims over email, saying his company is in a long-standing dispute with Bybit and wasn't sure if the coins were indeed from the hack.
He also expressed concerns about mainstream companies compromising the privacy benefits of cryptocurrency by identifying crypto customers.
Target history
Lazarus Group's history of targeting crypto firms
Though North Korea doesn't officially acknowledge Lazarus Group, the country is the only nation believed to be using its hacking skills for financial gain.
Over the past few years, they have shifted their focus from banks to cryptocurrency firms, which have weaker security and fewer money-laundering prevention mechanisms.
Previous North Korea-linked hacks include the 2019 hack on UpBit for $41 million, the $275 million theft from exchange KuCoin, the $600 million Ronin Bridge attack in 2022, and the $100 million attack on Atomic Wallet in 2023.