Oluwapelumi Adejumo@CryptoSlate
//
Cryptocurrency exchange Bybit has confirmed a record-breaking theft of approximately $1.46 billion in digital assets from one of its offline Ethereum wallets. The attack, which occurred on Friday, is believed to be the largest crypto heist on record. Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets.
The theft targeted an Ethereum cold wallet, involving a manipulation of a transaction from the cold wallet to a warm wallet. This allowed the attacker to gain control and transfer the funds to an unidentified address. The incident highlights the rising trend of cryptocurrency heists, driven by the allure of profits and challenges in tracing such crimes.
References :
- www.techmeme.com: ZachXBT: crypto exchange Bybit has experienced $1.46B worth of "suspicious outflows"; Bybit CEO confirms hacker took control of cold ETH wallet
- CryptoSlate: The crypto exchange ByBit has been hacked, and roughly $1.5 billion in Ethereum (ETH) has been stolen — making this one of the biggest hacks in history.
- infosec.exchange: NEW: Crypto exchange Bybit said it was hacked and suffered a loss of around $1.4 billion (~401,346 ETH) at the time of the hack.
- PCMag UK security: The Bybit exchange lost 400,000 in ETH, or about $1.4 billion, before the price began to slide, making it the biggest crypto-related hack in history.
- techcrunch.com: TechCrunch reports on the Bybit hack, disclosing a loss of approximately $1.4 billion in Ethereum.
- ciso2ciso.com: In a major cybersecurity incident, Bybit, the world’s 2nd-largest crypto exchange suffered a $1.4 billion ETH hack from a cold wallet breach.
- ciso2ciso.com: Bybit Hack: $1.4B Stolen from World’s 2nd Largest Crypto Exchange – Source:hackread.com
- cryptoslate.com: ByBit suffers $1.5 billion Ethereum heist in cold wallet breach
- www.coindesk.com: Bybit experiences USD1.46B in suspicious outflows
- BleepingComputer: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- The Cryptonomist: 3 Best Bybit Alternatives As Top CEX Is Hacked
- Gulf Business: ‘Worst hack in history’: Dubai crypto exchange Bybit suffers $1.5bn ether heist
- Anonymous: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- www.bleepingcomputer.com: Hacker steals record $1.46 billion in ETH from Bybit cold wallet
- Techmeme: Bybit Loses $1.5B in Hack but Can Cover Loss, CEO Confirms (Oliver Knight/CoinDesk)
- Report Boom: Report on the Bybit crypto heist, detailing the incident and security recommendations.
- thehackernews.com: Report on the Bybit hack, highlighting the scale of the theft and its implications.
- reportboom.com: Reportboom article about Bybit's $1.46B Crypto Heist.
- www.it-daily.net: Bybit hacked: record theft of 1.5 billion US dollars
- Protos: News about the Bybit cryptocurrency exchange being hacked for over $1.4 billion.
- The420.in: On Friday, cryptocurrency exchange Bybit disclosed that a highly sophisticated attack resulted in the theft of more than Rs 11,972 crores in digital assets from one of its offline Ethereum wallets—the largest crypto heist on record.
- TechSpot: The hackers stole the crypto from Bybit's cold wallet, an offline storage system.
- Talkback Resources: Crypto exchange Bybit was targeted in a $1.46 billion theft by the Lazarus Group, highlighting the rising trend of cryptocurrency heists driven by the allure of profits and challenges in tracing such crimes.
- www.bleepingcomputer.com: Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- www.the420.in: The420.in: Biggest Crypto Heist Ever: Bybit Loses Rs 12,000+ Crore in Sophisticated Ethereum Wallet Attack!
- www.cnbc.com: This report discusses the Bybit hack, detailing the amount stolen and the potential impact on the crypto market.
- www.engadget.com: This news piece reports on the massive crypto heist from Bybit, highlighting the scale of the incident and the impact on the crypto market.
- Techmeme: Arkham says ZachXBT submitted proof that North Korea's Lazarus Group is behind Bybit's $1.5B hack, which is the largest single theft in crypto history
- BrianKrebs: Infosec exchange post describing Bybit breach.
- Talkback Resources: Bybit cryptocurrency exchange suffered a cyberattack resulting in the theft of $1.5 billion worth of digital currency, including over 400,000 ETH and stETH, with potential vulnerabilities in the Safe.global platform's user interface exploited.
- securityaffairs.com: SecurityAffairs reports Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever.
- gulfbusiness.com: ‘Worst hack in history’: Dubai crypto exchange Bybit suffers $1.5bn ether heist
- techcrunch.com: Crypto exchange Bybit says it was hacked and lost around $1.4B
- Tekedia: The cryptocurrency industry has been rocked by what is now considered the largest digital asset theft in history, as Bybit, a leading crypto exchange, confirmed on Friday that hackers stole approximately $1.4 billion worth of Ethereum (ETH) from one of its offline wallets.
- blog.checkpoint.com: What the Bybit Hack Means for Crypto Security and the Future of Multisig Protection
- Dan Goodin: Crypto exchange Bybit said it was hacked and suffered a loss of around $1.4 billion (~401,346 ETH) at the time of the hack.
- BleepingComputer: Crypto exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets.
- Security Boulevard: North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto
- bsky.app: Elliptic is following the money on this ByBit hack - the biggest theft of all time. “Within 2 hours of the theft, the stolen funds were sent to 50 different wallets, each holding approximately 10,000 ETH. These are now being systematically emptied”.
- Talkback Resources: Talkback Post about the $1.5B Bybit Hack: The Era of Operational Security Failures Has Arrived
- infosec.exchange: Reports that North Korean hackers stole $1.4 billion in crypto from Bybit.
- securityboulevard.com: North Korea's notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market's history.
- billatnapier.medium.com: One of the Largest Hacks Ever? But Will The Hackers Be Able To Launder The Gains?
- thecyberexpress.com: thecyberexpress.com - Details on Bybit Cyberattack.
- Matthew Rosenquist: This may turn out to be the biggest hack in history! $1.5 BILLION.
- PCMag UK security: The $1.4 billion at Bybit—the largest known cryptocurrency heist in history—has been traced to the notorious Lazarus North Korean hacking group.
- www.nbcnews.com: Hackers steal $1.5 billion from exchange Bybit in biggest-ever crypto heist: Blockchain analysis firm Elliptic later linked the attack to North Korea’s Lazarus Group, a state-sponsored hacking collective
- www.pcmag.com: Researchers spot the $1.4 billion stolen from Bybit moving through cryptocurrency wallets that were used in earlier heists attributed to North Korea's Lazarus hacking group.
- siliconangle.com: $1.5B in cryptocurrency stolen from Bybit in attack linked to North Korean hackers
- www.americanbanker.com: Nearly $1.5 billion in tokens lost in Bybit crypto exchange hack
- SiliconANGLE: SiliconAngle reports on the details of the Bybit hack and links it to North Korean hackers.
- techcrunch.com: TechCrunch reports on the massive crypto heist, citing research that points to North Korean hackers as perpetrators.
- OODAloop: Reports that North Korea’s Lazarus Group APT is Behind Largest Crypto Heist Ever
- Be3: Looming Shadows: $1.5 Billion Crypto Heist Shakes Confidence in Security Measures
- Schneier on Security: Schneier on Security covers the North Korean Hackers Stealing $1.5B in Cryptocurrency.
- Dataconomy: How the Bybit hack shook the crypto world: $1.5B gone overnight
- be3.sk: Looming Shadows: $1.5 Billion Crypto Heist Shakes Confidence in Security Measures
- Risky Business: Risky Business #781 -- How Bybit oopsied $1.4bn
- cyberriskleaders.com: Bybit, a leading exchange, was hacked for USD1.4 billion in Ethereum and staked Ethereum, sending shockwaves through the digital asset community.
- www.csoonline.com: Independent investigation finds connections to the Lazarus Group.
- Cybercrime Magazine: Bybit suffers the largest crypto hack in history
- www.theguardian.com: Cyberattackers believed to be affiliated with the state-sponsored threat group pulled off the largest crypto heist reported to date, stealing $1.5 billion from exchange Bybit.
- bsky.app: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- Sergiu Gatlan: Forensic investigators have discovered that North Korean Lazarus hackers stole $1.5 billion from Bybit after first breaching a Safe{Wallet} developer machine. The multisig wallet platform has also confirmed these findings in a statement issued today.
- SecureWorld News: SecureWorld reports on the Bybit hack, attributing it to the Lazarus Group.
- OODAloop: The Largest Theft in History – Following the Money Trail from the Bybit Hack
- gbhackers.com: Researchers Uncover $1.4B in Sensitive Data Tied to ByBit Hack by Lazarus Group
- Secure Bulletin: The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has once again demonstrated its sophistication and audacity with a staggering $1.5 billion cryptocurrency heist targeting Bybit, a major crypto exchange.
- Talkback Resources: THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma [mal]
- infosec.exchange: NEW: Hacked crypto exchange Bybit is offering $140 million in bounties to anyone who can help locate and freeze the stolen ethereum.
- CyberInsider: Record $1.5 billion Bybit hack undermines trust in crypto security
- The Register - Security: Cryptocurrency exchange Bybit, just days after suspected North Korean operatives stole $1.5 billion in Ethereum from it, has launched a bounty program to help recover its funds.
- PCMag UK security: The malicious JavaScript code used in the attack could secretly modify transactions for Safe{Wallet}, a cryptocurrency wallet provider. The suspected North Korean hackers who stole $1.4 billion in cryptocurrency from Bybit pulled off the heist by infiltrating a digital wallet provider and tampering with its software.
- techcrunch.com: Last week, hackers stole around $1.4 billion in Ethereum cryptocurrency from crypto exchange Bybit, believed to be the largest crypto heist in history. Now the company is offering a total of $140 million in bounties for anyone who can help trace and freeze the stolen funds. Bybit’s CEO and
- securityaffairs.com: The FBI confirmed that North Korea is responsible for the record-breaking cyber heist at the crypto exchange Bybit.
- The Register - Security: The FBI has officially accused North Korea's Lazarus Group of stealing $1.5 billion in Ethereum from crypto-exchange Bybit earlier this month, and asked for help tracking down the stolen funds.
- techcrunch.com: The FBI said the North Korean government is ‘responsible’ for the hack at crypto exchange Bybit, which resulted in the theft of more than $1.4 billion in Ethereum cryptocurrency.
- Talkback Resources: FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge [net] [mal]
- PCMag UK security: FBI Blames North Korea for Massive $1.4 Billion Cryptocurrency Heist
- The420.in: Rs 1.27 trillion Stolen: Bybit Joins the Ranks of Crypto’s Largest Thefts – Full List Inside
- Talkback Resources: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers [mal]
- Tekedia: Bybit Declares War on “Notorious” Lazarus Group After $1.4B Hack, Offers $140m Reward
- SecureWorld News: The FBI officially attributed the massive to North Korea's state-sponsored hacking group, TraderTraitor, more commonly known as the infamous Lazarus Group.
- ChinaTechNews.com: North Korea was behind the theft of approximately $1.5bn in virtual assets from a cryptocurrency exchange, the FBI has said, in what is being described as the biggest heist in history.
- Wallarm: Lab Wallarm discusses how Bybit’s Real-Time Blacklisting Is Thwarting a $1.5B Crypto Heist
- iHLS: Cryptocurrency exchange Bybit became the latest victim of a major cyberattack, marking what appears to be the largest crypto hack in history.
- thehackernews.com: Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
- www.pcmag.com: FBI Blames North Korea for Massive $1.4 Billion Cryptocurrency Heist
- Dan Goodin: InfoSec Exchange Post on the FBI attribution to the Lazarus group and Bybit hack
info@thehackernews.com (The Hacker News)@The Hacker News
//
The North Korean hacking group known as TraderTraitor, also identified as Jade Sleet, UNC4899, and Slow Pisces, has been linked to the theft of $308 million in cryptocurrency from the Japanese exchange DMM Bitcoin in May. This group, a cryptocurrency-focused element within North Korea's Reconnaissance General Bureau, primarily targets blockchain-related companies. Authorities, including the FBI, the Department of Defense Cyber Crime Center, and the National Police Agency of Japan, confirmed the group's involvement, highlighting TraderTraitor's use of targeted social engineering techniques to infiltrate their victims. The group's known methods also include supply chain attacks and malware deployment.
The FBI outlined the attack chain, which began in March when TraderTraitor members posed as recruiters and contacted an employee at a cryptocurrency wallet software company named Ginco. This led to the deployment of a malicious Python script. By exploiting the compromised employee's access, the hackers manipulated a legitimate DMM transaction request, resulting in the theft of 4,502.9 Bitcoin, valued at $308 million at the time. The stolen funds were then moved to TraderTraitor-controlled wallets. Following the hack, DMM Bitcoin restricted its services until the completion of investigations.
References :
- The Hacker News: The Hacker News reports on North Korean hackers stealing $308M in Bitcoin from DMM Bitcoin.
- www.bleepingcomputer.com: The North Korean hacker group 'TraderTraitor' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May.
- www.coindesk.com: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- BleepingComputer: The North Korean hacker group 'TraderTraitor' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May.
- : FBI : This is not much of a cybersecurity advisory: The Federal Bureau of Investigation, Department of Defense Cyber Crime Center (DC3), and National Police Agency of Japan linked the theft of cryptocurrency worth $308 million U.S. dollars from the Japan-based cryptocurrency company DMM to North Korea's . They also confirmed different private industry threat actor names: , , and . TraderTraitor is a cryptocurrency-focused element within the Reconnaissance General Bureau (RGB), that primarily targets blockchain-related companies (and related vendors).
- COINOTAG NEWS: Coinotag reports about the 48.2 Billion Yen Bitcoin theft linked to North Korea.
- ciso2ciso.com: US and Japan Blame North Korea for $308m Crypto Heist
- www.techmeme.com: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- securityonline.info: North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled
- Techmeme: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- ciso2ciso.com: FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024
- securityaffairs.com: DMM Bitcoin $308M Bitcoin heist linked to North Korea
- osint10x.com: North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin
- ciso2ciso.com: DMM Bitcoin $308M Bitcoin heist linked to North Korea – Source: securityaffairs.com
- www.scworld.com: Suspected Lazarus subgroup behind DMM crypto heist
- Cybernews: A gang of North Korean-affiliated threat actors stole $308 million worth of cryptocurrency from a Japanese crypto company.
- Bitcoin News: FBI Links North Korean Hackers to $308 Million DMM Exchange Breach
- therecord.media: The FBI blamed the theft of $300 million from Japanese crypto platform DMM on hackers from North Korea
@hackread.com
//
The U.S. Department of Justice has charged Andean Medjedovic, a 22-year-old Canadian national, with stealing approximately $65 million in cryptocurrency. Medjedovic allegedly exploited vulnerabilities in the automated smart contracts used by the KyberSwap and Indexed Finance decentralized finance protocols. He reportedly withdrew millions of dollars of investor funds from the protocols at artificial prices, rendering the victims’ investments essentially worthless.
Medjedovic is also accused of laundering the proceeds of his fraudulent schemes through a series of transactions designed to conceal the source and ownership of the funds, including through swap transactions, bridging transactions, and the use of a digital assets mixer. The indictment also alleges that he attempted to extort the victims of the KyberSwap exploit. Medjedovic faces charges including wire fraud, unauthorized damage to a protected computer, attempted Hobbs Act extortion, money laundering conspiracy, and money laundering. If convicted, he faces a maximum of 10 years in prison on the unauthorized damage charge and 20 years on each of the other counts.
References :
- BleepingComputer: The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols.
- securityonline.info: Canadian Hacker Indicted for $65 Million DeFi Exploit
- Cyber Security News: Cybersecurity News article about the Canadian national charged with stealing $65 million in crypto.
- securityonline.info: Details about the criminal indictment.
- www.justice.gov: U.S. Department of Justice : 22 year old Canadian national Andean Medjedovic was charged with exploiting vulnerabilities in the automated smart contracts used by the KyberSwap and Indexed Finance decentralized finance protocols to withdraw approximately $65 million from investor funds. Medjedovic also allegedly laundered the proceeds of his fraudulent schemes through a series of transactions designed to conceal the source and ownership of the funds, using bridging transactions and crypto mixers. The indictment cites: Wire fraud, unauthorized damage to a protected computer, attempted Hobbs Act extortion, money laundering conspiracy, and money laundering.
- DataBreaches.Net: Canadian man charged in $65 million cryptocurrency hacking schemes
- www.bleepingcomputer.com: Report on the exploit of KyberSwap and Indexed Finance.
- www.justice.gov: Original DOJ report about the incident.
- CryptoSlate: KyberSwap exploiter gets five-count criminal indictment after stealing $65M
- cryptoslate.com: KyberSwap exploiter gets five-count criminal indictment after stealing $65M
- Help Net Security: Man charged with stealing $65 million by exploiting DeFI protocols vulnerabilities
- www.helpnetsecurity.com: Man charged with stealing $65 million by exploiting DeFI protocols vulnerabilities
- hackread.com: News report on the alleged DeFi hack.
Cynthia B@Metacurity
//
The Lazarus Group, a North Korean hacking organization, has reportedly laundered 100% of the $1.4 billion stolen from the Bybit cryptocurrency exchange. This information was initially reported by The Record and other cybersecurity news outlets. The stolen funds, in the form of Ethereum (ETH), were moved to new addresses, which is the first step in laundering cryptocurrency.
This rapid laundering of such a large sum indicates a high level of operational efficiency by the North Korean hackers. Ari Redbord, a former federal prosecutor and senior Treasury official, described this event as showing an “unprecedented level of operational efficiency.” He also suggested that North Korea has expanded its money laundering infrastructure or that underground financial networks, especially in China, have improved their ability to handle illicit funds. This situation underscores the increasing sophistication of North Korea's cybercrime activities and their ability to quickly process stolen cryptocurrency.
References :
- infosec.exchange: NEW: The (allegedly North Korean) hackers behind the Bybit crypto heist have already laundered all the stolen Ethereum, which was worth $1.4 billion.
- Metacurity: Lazarus Group hackers have laundered 100% of the $1.4 billion they stole from Bybit
- Resources-2: FBI Confirms North Korean Lazarus Group Behind $1.5 Billion Bybit Crypto Heist
- : North Korea Targeting Crypto Industry, Says FBI
CISO2CISO Editor 2@ciso2ciso.com
//
In 2024, nearly $500 million in cryptocurrency was stolen through wallet drainer malware, impacting over 332,000 victims. These malicious attacks trick users into signing fraudulent transactions, allowing the attackers to transfer assets out of their wallets. The scale of these attacks highlights a significant increase in the sophistication of cryptocurrency-related cybercrime, with $494 million being lost to these scams in the past year alone. The use of wallet drainers poses a substantial threat to cryptocurrency users.
Scam Sniffer reported a 67% year-over-year increase in stolen funds, despite only a 3.7% increase in affected addresses. The first quarter of 2024 saw the highest activity with 175,000 victims and $187.2 million in losses. While attacks were more frequent early in the year, the largest individual thefts occurred in August and September. These findings emphasize the need for enhanced security measures, user education on avoiding such scams, and vigilance.
References :
- ciso2ciso.com: Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 – Source: www.securityweek.com
- BleepingComputer: Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses.
- www.the420.in: Scammers Steal Rs 4200 Crore in Cryptocurrency Through Wallet Drainer Attacks in 2024!
- ciso2ciso.com: Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024