North Korean Hackers Steal $1.5 Billion in Largest Crypto Heist Yet


The Largest Crypto Heist in History

The FBI has confirmed that North Korean state-sponsored hackers, known as the Lazarus Group (also tracked as TraderTraitor and APT38), have stolen a staggering $1.5 billion from the cryptocurrency exchange Bybit. This marks the largest recorded crypto heist to date.

The attack took place on February 21, 2025, when the hackers intercepted a scheduled transfer from Bybit’s cold wallet to a hot wallet. By exploiting this transaction, they redirected the funds to a blockchain address under their control. The FBI issued a Public Service Announcement (PSA) on Wednesday, confirming North Korea’s involvement and warning that the stolen assets are being rapidly converted into Bitcoin and other cryptocurrencies across multiple blockchains to obscure their origin.

Crypto fraud investigator ZachXBT, along with blockchain analysis firms Elliptic and TRM Labs, traced some of the stolen funds to Ethereum addresses previously linked to Lazarus Group hacks on Phemex, BingX, and Poloniex. Further forensic analysis revealed that the breach originated from an attack on a Safe{Wallet} developer machine, giving the hackers unauthorized access to a Bybit-operated account.

In response, the FBI has urged cryptocurrency exchanges, blockchain analytics firms, and DeFi platforms to block transactions from addresses linked to North Korean hackers. They also released a list of 51 Ethereum addresses associated with the stolen assets.
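The FBI's ask above (screen transfers against its published flagged-address list) and the cold-to-hot transfer that was redirected in this incident both reduce to a pre-signing policy check. The following is an added illustration, not code from the article, Bybit or Safe{Wallet}: it normalises Ethereum addresses so a mixed-case variant cannot slip past a string compare, refuses any transfer touching a flagged address, and refuses a cold-to-hot transfer whose recipient is not the pre-registered hot wallet. All addresses are constructed placeholders, not the real indicators from the PSA.

```python
import re

# Constructed placeholders standing in for the FBI's flagged-address list;
# not the real indicators from the PSA.
FBI_FLAGGED = {
    "0x1111111111111111111111111111111111111111",
    "0xabcdefabcdefabcdefabcdefabcdefabcdefabcd",
}
# Constructed: the single hot-wallet address a cold-to-hot transfer may target.
EXPECTED_HOT_WALLET = "0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"

_ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")


def normalize(addr: str) -> str:
    """Canonical lowercase form. Ethereum addresses are case-insensitive hex,
    so an upper-case copy of a flagged address must still match the list."""
    addr = addr.strip()
    if not _ADDR_RE.match(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()


def screen_transfer(sender: str, recipient: str, denylist=FBI_FLAGGED,
                    expected_destination=EXPECTED_HOT_WALLET) -> list:
    """Return the policy violations for one transfer; an empty list means approve.

    Check 1: neither party is on the flagged list (the FBI's request to exchanges).
    Check 2: a cold-to-hot transfer must land on the registered hot wallet, so a
    swapped destination is refused before anyone signs it."""
    deny = {normalize(a) for a in denylist}
    s, r = normalize(sender), normalize(recipient)
    violations = []
    if s in deny:
        violations.append(f"sender {s} is on the flagged list")
    if r in deny:
        violations.append(f"recipient {r} is on the flagged list")
    if r != normalize(expected_destination):
        violations.append(f"recipient {r} is not the registered hot wallet")
    return violations


if __name__ == "__main__":
    cold = "0xcccccccccccccccccccccccccccccccccccccccc"  # constructed cold wallet
    # Constructed batch: a clean transfer, a redirected one, and one whose
    # recipient is a flagged address written in upper-case hex.
    for recipient in (EXPECTED_HOT_WALLET,
                      "0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
                      "0xABCDEFABCDEFABCDEFABCDEFABCDEFABCDEFABCD"):
        print(recipient, "->", screen_transfer(cold, recipient) or "approved")
```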

To put this heist into perspective, North Korean hackers stole a total of $1.34 billion in 47 different crypto attacks throughout 2024. Since 2017, Lazarus Group has stolen over $6 billion in crypto assets, reportedly funding North Korea’s ballistic missile program.

What Undercode Says:

The Lazarus Group: A Growing Threat to Global Financial Security

The Lazarus Group has solidified its reputation as one of the most dangerous cybercriminal organizations in the world. Their sophisticated tactics and state-backed operations make them nearly impossible to stop completely. The $1.5 billion Bybit heist is not just another attack—it’s a massive escalation in the scale of crypto theft.

How Did This Attack Succeed?

1. Exploitation of Cold-to-Hot Wallet Transfers

  • Bybit’s security was breached during the transfer of funds from a cold wallet (offline storage) to a hot wallet (online and more vulnerable).
  • Lazarus Group likely had prior knowledge of this process, indicating either insider access or long-term surveillance.

2. Compromise of Safe{Wallet} Developer Machine

  • A compromised developer machine allowed attackers to manipulate Safe{Wallet} infrastructure.
  • This suggests a supply chain attack where North Korean hackers targeted software developers instead of directly attacking Bybit.

3. Rapid Laundering Through Multiple Blockchains

  • The stolen assets were quickly converted to Bitcoin and other cryptocurrencies.
  • Funds were distributed across thousands of blockchain addresses to evade detection.
  • This method follows the same laundering patterns seen in previous Lazarus-linked hacks.

Why Crypto Exchanges Are Prime Targets

  • Liquidity & Speed: Cryptocurrencies can be moved and laundered quickly compared to traditional banking systems.
  • Decentralization: Unlike banks, crypto exchanges lack unified regulations, making it easier for hackers to exploit security loopholes.
  • High Rewards, Low Risk: State-sponsored cybercriminals like Lazarus Group operate under government protection, facing little risk of prosecution.

The Implications for the Crypto Industry

1. Regulatory Crackdowns

  • Governments worldwide are likely to push for stricter crypto regulations.
  • More KYC (Know Your Customer) and AML (Anti-Money Laundering) policies may be enforced.

2. Increased Security Investments

  • Exchanges will need to strengthen cold wallet security and monitor transactions more rigorously.
  • AI-driven blockchain analytics may become standard to track illicit fund movements.
3. Stronger Collaboration Between Law Enforcement and Crypto Firms

  • The FBI’s quick response shows a growing effort to combat crypto-related crimes.
  • Exchanges, blockchain firms, and governments must work together to create real-time fraud detection mechanisms.

Final Thoughts

The Bybit hack sets a dangerous precedent. If a major exchange like Bybit can lose $1.5 billion in a single attack, no platform is truly safe. Crypto investors, companies, and regulators must stay vigilant—because as long as crypto exists, Lazarus Group and other state-backed cybercriminals will continue

References:

Reported By: https://www.bleepingcomputer.com/news/security/fbi-confirms-lazarus-hackers-were-behind-15b-bybit-crypto-heist/