Skip to main content

North Korean hackers cash out hundreds of millions from $1.5bn ByBit hack

Hackers thought to be working for the North Korean regime have successfully converted at least $300m (£232m) of their record-breaking $1.5bn crypto heist to unrecoverable funds.

The criminals, known as Lazarus Group, swiped the huge haul of digital tokens in a hack on crypto exchange ByBit two weeks ago.

Since then, it's been a cat-and-mouse game to track and block the hackers from successfully converting the crypto into usable cash.

Experts say the infamous hacking team is working nearly 24 hours a day - potentially funnelling the money into the regime's military development.

"Every minute matters for the hackers who are trying to confuse the money trail and they are extremely sophisticated in what they're doing," says Dr Tom Robinson, co-founder of crypto investigators Elliptic.

Out of all the criminal actors involved in crypto currency, North Korea is the best at laundering crypto, Dr Robinson says.

"I imagine they have an entire room of people doing this using automated tools and years of experience. We can also see from their activity that they only take a few hours break each day, possibly working in shifts to get the crypto turned into cash."

Elliptic's analysis tallies with ByBit, which says that 20% of the funds have now "gone dark", meaning it is unlikely to ever be recovered.

The US and allies accuse the North Koreans of carrying out dozens of hacks in recent years to fund the regime's military and nuclear development.

On 21 February the criminals hacked one of ByBit's suppliers to secretly alter the digital wallet address that 401,000 Ethereum crypto coins were being sent to.

ByBit thought it was transferring the funds to its own digital wallet, but instead sent it all to the hackers.

Ben Zhou, the CEO of ByBit, assured customers that none of their funds had been taken.

The firm has since replenished the stolen coins with loans from investors, but is, in Zhou's words, "waging war on Lazarus".

ByBit's Lazarus Bounty programme is encouraging members of the public to trace the stolen funds and get them frozen where possible.

All crypto transactions are displayed on a public blockchain, so it's possible to track the money as it's moved around by the Lazarus Group.

If the hackers try to use a mainstream crypto service to attempt to turn the coins into normal money like dollars, the crypto coins can be frozen by the company if they think they are linked to crime.

So far 20 people have shared more than $4m in rewards for successfully identifying $40m of the stolen money and alerting crypto firms to block transfers.

But experts are downbeat about the chances of the rest of the funds being recoverable, given the North Korean expertise in hacking and laundering the money.

"North Korea is a very closed system and closed economy so they created a successful industry for hacking and laundering and they don't care about the negative impression of cyber crime," Dr Dorit Dor from cyber security company Check Point said.

Another problem is that not all crypto companies are as willing to help as others.

Crypto exchange eXch is being accused by ByBit and others of not stopping the criminals cashing out.

More than $90m has been successfully funnelled through this exchange.

But over email the elusive owner of eXch - Johann Roberts - disputed that.

He admits they didn't initially stop the funds, as his company is in a long-running dispute with ByBit, and he says his team wasn't sure the coins were definitely from the hack.

He says he is now co-operating, but argues that mainstream companies that identify crypto customers are betraying the private and anonymous benefits of crypto currency.

Credit | LN24 Int'l

Courtesy of: Christian Church World News™ CCWN Television Network International


Comments

Post a Comment

Popular posts from this blog

Christopher Yuan's nonprofit sues tech company, alleges religious discrimination

Listen🎙️on Blog Stream Infopedia Radio On Air A Christian nonprofit overseen by theologian Christopher Yuan has filed a lawsuit against a California-based technology company, accusing it of religious discrimination. Yuan’s group, Holy Sexuality, filed a complaint against Asana, Inc. of San Francisco on Tuesday in the United States District Court of the Southern District of California. According to the lawsuit, Asana refused to give Holy Sexuality a 50% nonprofit discount for the company’s project management software due to the religious nature of the organization. The lawsuit cited an entry on Asana’s website which excludes from their discount “organizations that exist to solely propagate a belief in a specific faith or do not provide services to people outside of a specific faith.” Asana also bars from the nonprofit discount any hospitals, credit unions, educational institutions, and any groups “that advocate, support, or practice discrimination based on age, ethnicity, gender, natio...
Post a Comment
Read more

Trump Shouts Out Elon Musk, DOGE Savings, and Reveals Shocking Levels of U.S. Spending Fraud

Listen🎙️on Blog Stream Infopedia Radio On Air Trump Shouts Out Elon Musk, DOGE Savings, and Reveals Shocking Levels of U.S. Spending Fraud In a dramatic address to Congress on March 4, President Donald Trump made headlines by revealing shocking figures related to fraud in U.S. government spending. Trump highlighted the role of the DOGE (Department of Government Oversight and Economic) agency in uncovering fraud, claiming that over $500 billion annually is lost due to mismanagement, inflation, and systemic inefficiencies. One of the most startling discoveries Trump shared during his speech was the inflated number of people reported to be over the age of 100. This “statistical inflation,” as he called it, was one of many examples cited by the DOGE agency in its recent report. Trump emphasized that such discrepancies in government data were just the tip of the iceberg and that much of the waste occurred due to bureaucratic inefficiencies and outdated record-keeping practices. In addition...
Post a Comment
Read more

Meta keeps secret do not rehire’ list of ex-employees — despite exceptional performance reviews: report

Listen🎙️on Blog Stream Infopedia Radio On Air Meta maintains an internal “do not rehire” list of former employees who are not welcome back at the company — even on the recommendation of a vice president, according to a report. A former Meta engineer who was among the 10,000 employees laid off during the company’s 2022 downsizing told Business Insider that they were shocked to learn that they were deemed “ineligible for rehire” even though hiring managers spoke to them after submitting some 20 applications. With over four years at the company and a consistent performance rating of “exceeded expectations,” the engineer had even been promoted to a senior technical position the previous year. Their contributions had been acknowledged as “crucial” by a senior manager, and multiple hiring managers had initially expressed interest in rehiring them, according to the Business Insider report. However, after submitting nearly 20 applications, a concerning pattern emerged. Hiring managers would i...
Post a Comment
Read more