POLAND – 2023/11/14: In this photo illustration, a Bybit logo is displayed on a smartphone with …
SOPA Images/LightRocket via Getty Images
Bybit, a major cryptocurrency exchange based in Dubai, recently announced it had been hacked, losing $1.5 billion worth of the cryptocurrency Ethereum in the largest cryptocurrency theft of all time. To put that into perspective, the previous largest cryptocurrency theft was of $611 million worth of cryptocurrencies from the PolyNetwork platform in 2021.
The crypto research group Arkham Intelligence is attributing the theft to the North Korean hacking group known as the Lazarus Group. The Lazarus Group is an infamous cybercrime group tied to the North Korean government that has been conducting cybercrimes since 2009. Among its more notable attacks was the hack of Sony Pictures in 2014 in retaliation for the release of the movie “The Interview,” which parodied North Korean leader Kim Jong Un. The group also perpetrated a cyberattack against the Bangladesh Bank in 2016, stealing $81 million, and in 2017 was responsible for the massive WannaCry ransomware attack, which affected 300,000 computers in 150 countries.
The blockchain intelligence firm Chainalysis estimated that the Lazarus Group stole $1.34 billion in 2024 in 47 cryptocurrency hacks.
According to Bybit co-founder and CEO Ben Zhou, the attacker exploited a “masked” UI and URL, deceiving wallet signers into unknowingly approving a malicious transaction. This allowed them to alter the smart contract logic and gain control of the ETH cold wallet, draining its funds. With the smart contract logic altered, the Lazarus Group was able to get control over Bybit’s Ethereum cold wallet. Cold wallets are used to store cryptocurrencies offline, which makes them more secure than hot wallets, which are connected to the Internet and therefore more susceptible to being hacked. Once the hackers took control of the cold wallet, they were able to transfer the Ethereum stored there to their own accounts.
As explained by Forbes Contributor Alice Liu, the stolen Ethereum was transferred to 53 wallets, which are being actively monitored by blockchain and smart contract auditing teams, making it difficult, but not impossible, for the Lazarus Group to move the stolen Ethereum in an effort to launder the funds effectively. Already there are initial reports that some of the funds have been moved to the cryptocurrency mixer eXch. Cryptocurrency mixers, such as eXch, break up the cryptocurrencies they receive into random, smaller amounts and then mix them with the funds of other users of the mixer, making it more difficult to trace the source of the funds. The hackers may then convert the Ethereum into different cryptocurrencies to further hide their tracks, split the funds into even smaller units, send them to multiple wallets and then convert those funds to fiat currency. This process will most likely be repeated using multiple mixers to provide more anonymity for the transfers.
In 2024, there were a record 303 successful cryptocurrency platform hacks with losses of $2.2 billion. Whether this evident lack of security, as shown by the Bybit hacking and other cryptocurrency platform attacks, will have an effect on the cryptocurrency markets remains to be seen, but the cryptocurrency industry definitely needs to step up its security.