FBI Accuses North Korean-Backed Hackers of Stealing $1.5 Billion in Crypto

The Federal Bureau of Investigation (FBI) has accused a group of hackers linked to North Korea of conducting one of the largest known thefts of cryptocurrency, with an estimated haul of $1.5 billion from a Dubai-based firm, Bybit.

The theft, which occurred earlier this month, targeted Bybit, one of the world's largest crypto exchanges. The FBI has said that the hackers used a combination of malware and modified trading applications to steal the cryptocurrency, specifically ethereum. The agency has identified the group as "TraderTraitor actors" and linked them to the Lazarus Group, a known North Korean-backed hacking collective.

The FBI believes that the North Korean-backed hackers are responsible for the theft and have already converted some of the stolen assets into Bitcoin and other virtual assets, which they have dispersed across thousands of addresses on multiple blockchains. According to the agency, these assets will likely be further laundered and eventually converted to fiat currency.

North Korea has a long history of engaging in cyberattacks and stealing cryptocurrency, with an estimated $1.2 billion in assets stolen over the past five years, according to South Korea's spy agency. The theft represents a rare source of badly needed foreign currency to support the country's fragile economy and fund its nuclear program.

The Lazarus Group has been linked to several high-profile cyberattacks in recent years, including the 2014 Sony Pictures hack and the 2017 WannaCry ransomware attack. The group is believed to be responsible for stealing billions of dollars' worth of cryptocurrency from various targets around the world.

Bybit co-founder and CEO, Ben Zhou, acknowledged the FBI's announcement in a post on social platform X, linking to a website offering $140 million in bounties for tracking the stolen crypto and getting it frozen by other exchanges. Bybit has said that a routine transfer of ethereum from a "cold" or offline wallet was "manipulated" by an attacker who transferred the crypto to an unidentified address.

The blockchain analytics firm Certik has described the theft as "the largest breach" in the history of blockchain transactions. The theft has seen overall crypto prices drop in recent days, with investors spooked by the hack despite the industry getting a boost from the election of U.S. President Donald Trump.

Industry leader Bitcoin traded over $82,000 a coin on Thursday, down from high of over $100,000 a month ago. The theft has also led to increased scrutiny of the cryptocurrency market and calls for greater regulation and security measures to protect against such attacks.

The FBI's Investigation

The FBI is investigating the theft and believes that the North Korean-backed hackers are responsible for the crime. The agency has identified the group as "TraderTraitor actors" and linked them to the Lazarus Group, a known North Korean-backed hacking collective.

The FBI has said that the hackers used a combination of malware and modified trading applications to steal the cryptocurrency. The agency has also warned that the stolen assets will likely be further laundered and eventually converted to fiat currency.

The Impact on the Cryptocurrency Market

The theft has had a significant impact on the cryptocurrency market, with overall crypto prices dropping in recent days. Investors have been spooked by the hack, despite the industry getting a boost from the election of U.S. President Donald Trump.

Industry leader Bitcoin traded over $82,000 a coin on Thursday, down from high of over $100,000 a month ago. The theft has also led to increased scrutiny of the cryptocurrency market and calls for greater regulation and security measures to protect against such attacks.

The North Korean Government's Response

North Korea has not acknowledged either the theft or the FBI accusation. Pyongyang's mission to the United Nations in Geneva did not immediately respond to a request from The Associated Press. However, North Korea has stolen an estimated $1.2 billion in cryptocurrency and other virtual assets in the past five years, according to South Korea's spy agency.

The theft represents a rare source of badly needed foreign currency to support the country's fragile economy and fund its nuclear program in the face of intense U.N. sanctions and North Korea's strict border closures during the coronavirus pandemic.