CyberSecurity news
FlagThis
Oluwapelumi Adejumo@CryptoSlate
//
The FBI has officially attributed the massive $1.4 billion Ethereum theft from the Bybit crypto exchange to the North Korean Lazarus Group. This determination follows accusations from security researchers and firms, solidifying suspicions surrounding the notorious state-sponsored hacking collective. The incident is considered the largest crypto theft in history, underscoring the increasing sophistication of cyber threats targeting digital assets.
The Lazarus Group's attack involved compromising a developer's machine associated with Safe Wallet, a multisig wallet platform. By injecting malicious code into a JavaScript file, the attackers manipulated a planned transfer of funds from Bybit's cold wallet to its hot wallet. This allowed them to redirect over 400,000 ETH and stETH, worth approximately $1.5 billion, to an address under their control. The attack exploited vulnerabilities in Bybit's cold wallet management and multi-signature approval systems, highlighting the need for robust cybersecurity measures within the digital asset space.
ImgSrc: cryptoslate.com
References :
The Lazarus Group's attack involved compromising a developer's machine associated with Safe Wallet, a multisig wallet platform. By injecting malicious code into a JavaScript file, the attackers manipulated a planned transfer of funds from Bybit's cold wallet to its hot wallet. This allowed them to redirect over 400,000 ETH and stETH, worth approximately $1.5 billion, to an address under their control. The attack exploited vulnerabilities in Bybit's cold wallet management and multi-signature approval systems, highlighting the need for robust cybersecurity measures within the digital asset space.
ImgSrc: cryptoslate.com
Share:
References :
- blog.checkpoint.com: Check Point Research Explains What the Bybit Hack Means.
- securityaffairs.com: Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever
- www.the420.in: Largest cryptocurrency heist ever: Bybit Loses Rs 12,000+ Crore.
- Talkback Resources: Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack
- The420.in: On Friday, cryptocurrency exchange Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets from one of its offline Ethereum wallets—the largest crypto heist on record.
- Check Point Blog: Executive Summary: In one of the largest thefts in digital asset history, hackers gained access to an offline Ethereum wallet and stole $1.5 billion worth of digital assets, primarily consisting of Ethereum tokens.
- BleepingComputer: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- billatnapier.medium.com: One of the Largest Hacks Ever? But Will The Hackers Be Able To Launder The Gains?
- thecyberexpress.com: Bybit ETH Cold Wallet Compromised in Complex Cyberattack, Platform Secures Funds
- PCMag UK security: $1.4 Billion Bybit Crypto Heist Tied to North Korean Hackers
- Cybercrime Magazine: Cybersecurity wake-up call for cryptocurrency exchanges
- infosec.exchange: NEW: After security researchers and firms accused North Korea of the massive Bybit hack, the FBI follows suit. North Korean government hackers allegedly stoled more than $1.4 billion in Ethereum from the crypto exchange.
- Secure Bulletin: Lazarus group’s Billion-Dollar Bybit heist: a cyber forensics analysis
- SecureWorld News: Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group
- The Register - Security: The Register reports FBI officially fingers North Korea for $1.5B Bybit crypto-burglary.
- infosec.exchange: Hacked crypto exchange Bybit is offering $140 million in bounties to anyone who can help locate and freeze the stolen ethereum. Bybit also disclosed preliminary results of investigations, which reveal hackers breached a developer’s device at a wallet platform Safe Wallet.
- Sergiu Gatlan: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- securityaffairs.com: The FBI confirmed that North Korea is responsible for the record-breaking cyber heist at the crypto exchange Bybit.
- PCMag UK security: The FBI is urging the cryptocurrency industry to freeze any transactions tied to the Bybit heist.
- SecureWorld News: The U.S. Federal Bureau of Investigation (FBI) officially attributed the massive to North Korea's state-sponsored hacking group, TraderTraitor, more commonly known as the infamous Lazarus Group.
- infosec.exchange: Bybit, a major cryptocurrency exchange, has been hacked to the tune of $1.5 billion in digital assets stolen, in what’s estimated to be the largest crypto heist in history.
- Talkback Resources: FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge [net] [mal]
- iHLS: Largest-Ever Crypto Heist steals $1.4 Billion
- www.cysecurity.news: CySecurity News report on Bybit's $1.5 billion crypto hack.
- Wallarm: API Armor: How Bybit’s Real-Time Blacklisting Is Thwarting a $1.5B Crypto Heist
- www.cysecurity.news: CySecurity News article on the Bybit hack and Lazarus Group involvement.
- Zack Whittaker: Grab some coffee — your weekly ~ this week in security ~ is out: • North Korea's record-breaking $1.4B crypto heist
- Malware ? Graham Cluley: In episode 406 of the "Smashing Security" podcast, we explore how the cryptocurrency exchange Bybit has been hacked to the jaw-dropping tune of $1.5 billion
Classification:
- HashTags: #cryptocurrency #BybitHack #LazarusGroup
- Company: Bybit
- Target: Bybit
- Attacker: Lazarus Group
- Product: Ethereum
- Feature: crypto heist
- Type: Hack
- Severity: Major