FBI: Lazarus Group behind $1.5 billion Bybit heist
The FBI has confirmed that the notorious cyber threat group, known as the Lazarus Group, was behind the largest cryptocurrency heist to date, a supply chain attack on Dubai-based cryptocurrency exchange Bybit that netted hackers a staggering $1.5 billion.
According to the FBI's public service announcement (PSA), the attack occurred earlier this month and targeted Bybit's cold wallet hosted by SafeWallet, allowing cybercriminals to steal 1.3 million ether. The stolen assets were then converted into bitcoin and spread across thousands of addresses on multiple blockchains, making them difficult for authorities to track.
Blockchain analytics vendor Certik described the heist as "the largest breach in Web3 history," while Bybit CEO Ben Zhou stated that the cybercriminals compromised SafeWallet's infrastructure, using malicious code originating from the company's own developer to gain access.
SafeWallet shared a statement on the incident, confirming that its forensic review concluded that the attack targeting the Bybit Safe was achieved through a compromised machine of a SafeWallet developer. In response, SafeWallet bolstered its security protocols, including adding a pop-up message to its site urging users to always verify transactions.
The FBI's confirmation that North Korea's Lazarus Group is behind the heist marks the latest in a string of high-profile attacks attributed to the group. In 2022, the FBI confirmed that Lazarus was behind the attack against Axie Infinity, which resulted in the theft of $620 million in cryptocurrency.
The U.S. Office of Foreign Assets Control later sanctioned Blender.io after Lazarus threat actors laundered some of the stolen assets through the mixing service. The group's activities pose a significant threat to other organizations and industries, including the healthcare sector, where the Health Sector Cybersecurity Coordination Center warned that Lazarus was actively targeting companies.
The Bybit heist serves as a stark reminder of the increasing sophistication and brazenness of cryptocurrency attacks in recent years. As the cyber threat landscape continues to evolve, it is essential for organizations and individuals alike to remain vigilant and take proactive steps to protect themselves from such threats.
Bybit Hack Forensics Report
The preliminary reports on the hack conducted by @sygnia_labs and @Verichains are available for download.
About the Author
Arielle Waldman is a news writer for Informa TechTarget covering enterprise security. She brings her expertise in cybersecurity to provide readers with accurate and engaging content on the latest threats and trends.