CyberSecurity news
FlagThis
Ojukwu Emmanuel@Tekedia
//
On February 21, 2025, the cryptocurrency exchange Bybit suffered a massive security breach resulting in the theft of approximately $1.46 billion in crypto assets. Investigations have pointed towards the Lazarus Group, a North Korean state-sponsored hacking collective, as the perpetrators behind the audacious heist. The FBI has officially accused the Lazarus Group of stealing $1.5 billion in Ethereum and has requested assistance in tracking down the stolen funds.
Bybit has declared war on the Lazarus Group following the incident and is offering a $140 million bounty for information leading to the recovery of the stolen cryptocurrency. CEO Ben Zhou has launched Lazarusbounty.com, a bounty site aiming for transparency on the Lazarus Group's money laundering activities. The attack involved exploiting vulnerabilities in a multisig wallet platform, Safe{Wallet}, by compromising a developer’s machine, enabling the transfer of over 400,000 ETH and stETH (worth over $1.5 billion) to an address under their control.
ImgSrc: tkcdn.tekedia.c
References :
Bybit has declared war on the Lazarus Group following the incident and is offering a $140 million bounty for information leading to the recovery of the stolen cryptocurrency. CEO Ben Zhou has launched Lazarusbounty.com, a bounty site aiming for transparency on the Lazarus Group's money laundering activities. The attack involved exploiting vulnerabilities in a multisig wallet platform, Safe{Wallet}, by compromising a developer’s machine, enabling the transfer of over 400,000 ETH and stETH (worth over $1.5 billion) to an address under their control.
ImgSrc: tkcdn.tekedia.c
Share:
References :
- The Register - Security: The FBI has officially accused North Korea's Lazarus Group of stealing $1.5 billion in Ethereum from crypto-exchange Bybit earlier this month, and asked for help tracking down the stolen funds.
- Secure Bulletin: The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has once again demonstrated its sophistication and audacity with a staggering $1.5 billion cryptocurrency heist targeting Bybit, a major crypto exchange.
- SecureWorld News: On February 21, 2025, the cryptocurrency world was rocked by the largest crypto heist in history. Dubai-based exchange Bybit was targeted in a malware-driven attack that resulted in the theft of approximately $1.46 billion in crypto assets.
- Tekedia: Bybit, a leading crypto exchange, has declared war on “notorious� Lazarus group, a hacker group made up of an unknown number of individuals, alleged to be run by the government of North Korea. This is coming after the crypto exchange experienced a security breach resulting in the unauthorized transfer of over $1.4 billion in liquid-staked crypto assets.
- Talkback Resources: FBI confirmation of Lazarus Group's involvement
- www.cnbc.com: Details on the attack in a news article
- securityaffairs.com: FBI: North Korea-linked TraderTraitor is responsible for $1.5 Billion Bybit hack
- bsky.app: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- iHLS: Largest-Ever Crypto Heist steals $1.4 Billion
- thehackernews.com: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
- SecureWorld News: Bybit Hack: FBI Attributes to North Korea, Urges Crypto Sector to Act
- The Register - Security: Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet
- infosec.exchange: NEW: Hacked crypto exchange Bybit is offering $140 million in bounties to anyone who can help locate and freeze the stolen ethereum. Bybit also disclosed preliminary results of investigations, which reveal hackers breached a developer’s device at a wallet platform Safe Wallet.
- Sergiu Gatlan: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- gbhackers.com: Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
- infosec.exchange: NEW: After security researchers and firms accused North Korea of the massive Bybit hack, the FBI follows suit. North Korean government hackers allegedly stoled more than $1.4 billion in Ethereum from the crypto exchange.
- www.cysecurity.news: Bybit Suffers Historic $1.5 Billion Crypto Hack, Lazarus Group Implicated
- infosec.exchange: Bybit, that major cryptocurrency exchange, has been hacked to the tune of $1.5 billion in digital assets stolen, in what’s estimated to be the largest crypto heist in history.
- BleepingComputer: Bybit, a major cryptocurrency exchange, has fallen victim to a massive cyberattack, with approximately $1.5 billion in cryptocurrency stolen. The breach is believed to be the largest single theft in crypto history.
- Taggart :donor:: Cryptocurrency exchange Bybit suffered a massive security breach, resulting in the loss of $1.5 billion in digital assets. The hack compromised the exchange's cold wallet and involved sophisticated techniques to steal the funds.
- www.cysecurity.news: CySecurity News report on the Bybit hack, its implications, and the potential Lazarus Group connection.
- The420.in: The 420 report on Bybit theft
- PCMag UK security: The FBI is urging the cryptocurrency industry to freeze any transactions tied to the Bybit heist. The FBI has the $1.4 billion cryptocurrency at Bybit to North Korean state-sponsored hackers after security researchers reached the same conclusion.
- infosec.exchange: Details of the Bybit hack and Lazarus Group's involvement.
- Talkback Resources: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
- securityaffairs.com: The FBI confirmed that North Korea is responsible for the record-breaking cyber heist at the crypto exchange Bybit.
- Zack Whittaker: your weekly ~ this week in security ~ is out: • North Korea's record-breaking $1.4B crypto heist
- infosec.exchange: NEW: The (allegedly North Korean) hackers behind the Bybit crypto heist have already laundered all the stolen Ethereum, which was worth $1.4 billion. Ari Redbord, former federal prosecutor and senior Treasury official, told me this laundering shows “unprecedented level of operational efficiency,� but there's more steps they need to take to cash out. “This rapid laundering suggests that North Korea has either expanded its money laundering infrastructure or that underground financial networks, particularly in China, have enhanced their capacity to absorb and process illicit funds,� said Redbord.
- The Record: Experts from multiple blockchain security companies said that North Korean hackers were able to move all of the ETH coins stolen from Bybit to new addresses — the first step taken before the funds can be laundered further
- The Record: Experts from multiple blockchain security companies said that North Korean hackers were able to move all of the ETH coins stolen from Bybit to new addresses — the first step taken before the funds can be laundered further
- Know Your Adversary: News item discussing the massive Bybit crypto theft, potentially the largest in history.
- Metacurity: Lazarus Group hackers have laundered 100% of the $1.4 billion they stole from Bybit
- infosec.exchange: The (allegedly North Korean) hackers behind the Bybit crypto heist have already laundered all the stolen Ethereum, which was worth $1.4 billion.
Classification:
- HashTags: #BybitHack #LazarusGroup #CryptoHeist
- Company: Bybit
- Target: Bybit Cryptocurrency Exchange
- Attacker: Lazarus Group
- Product: cryptocurrency exchange platform
- Feature: cryptocurrency exchange securi
- Malware: string
- Type: Hack
- Severity: Major