North Korean Hackers Cash Out After World's Biggest Crypto Heist

The world's largest-ever crypto heist has seen hackers linked to North Korea's infamous Lazarus group cash out hundreds of millions in stolen funds. The $1.46 billion (£1.16 billion) heist, which took place on February 21 at a Dubai-based crypto exchange called ByBit, has left investigators scrambling to track down the digital currency and its subsequent laundering.

According to British blockchain analytics firm Elliptic, approximately 20% of the stolen funds have already been laundered and are unlikely to be recovered. The FBI confirmed the heist, stating that North Korea was responsible and warning that the hackers are "proceeding rapidly" with their plans.

The Heist

In a matter of minutes, malware was used to trick ByBit into approving transactions to wallets owned by hackers, allowing the stolen funds to be quickly funnelled across the internet to other crypto exchanges and anonymous wallets. This marked the largest crypto heist in history, with the stolen digital currency being exchanged for Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains.

The Lazarus Group

Following an investigation by Elliptic, patterns emerged that pointed to a link between the hackers and one of the world's most notorious hacking outfits – the Lazarus Group. The group is backed by North Korea and has been linked to numerous high-profile cyber attacks.

Lazarus Modus Operandi

According to Elliptic, the Lazarus Group's modus operandi involves exchanging stolen crypto tokens for a "native" blockchain asset such as Ether. This is because tokens have issuers who can freeze wallets containing stolen assets, whereas there is no central party who can freeze Ether or Bitcoin.

Laundering and Conversion

The hackers are using automated tools and working in shifts around the clock to convert the stolen digital currency into cash. This sophisticated operation involves sending the stolen funds through a series of crypto wallets to conceal and complicate the transaction trail, giving the hackers valuable time to cash out the assets.

Recovery Efforts

British blockchain analytics firm Elliptic is working closely with businesses and law enforcement agencies to track down the stolen funds. The firm's software has already alerted businesses to proceeds from this theft, leading to the seizure of some of the funds stolen from ByBit.

Expert Warning

Experts warn that the move could be a broader strategy by the North Korean regime to generate revenue from cybercrime. The $1.46 billion stolen in the heist nearly equalling Pyongyang's annual defence budget, and experts caution that this is just the beginning.

The Future of Crypto Security

The ByBit hack highlights the need for greater security measures within the crypto industry. As hackers become more sophisticated in their operations, it is essential for businesses and individuals to stay vigilant and invest in robust cybersecurity solutions to protect themselves from future attacks.