FBI Accuses North Korean-Backed Hackers of Stealing $1.5 Billion in Crypto from Dubai-Based Firm
Rome (AP) — In a shocking revelation, the Federal Bureau of Investigation (FBI) has accused North Korean-backed hackers of conducting one of the largest cryptocurrency thefts in history, with losses estimated to be over $1.5 billion.
The targeted firm, Bybit, is one of the world's largest crypto exchanges, and the hacking incident earlier this month represents another instance of a team of hackers linked to the U.S. government by the names TraderTraitor and the Lazarus Group. The hackers allegedly used modified cryptocurrency trading applications infused with malware to facilitate the theft of cryptocurrency.
The FBI has issued an online public service announcement, stating that they believe the North Korean-backed hackers were responsible for the theft. According to the agency, the "TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains." It is expected that these assets will be further laundered and eventually converted to fiat currency.
North Korea's state media has not acknowledged either the theft or the FBI accusation. However, North Korea has been linked to an estimated $1.2 billion in cryptocurrency and other virtual assets stolen over the past five years, according to South Korea's spy agency.
This represents a rare source of badly needed foreign currency for North Korea's fragile economy and to fund its nuclear program, which is severely impacted by intense U.N. sanctions and strict border closures during the coronavirus pandemic.
A Rare Source of Funding
According to a report by the United Nations experts panel, North Korea has stolen an estimated $3 billion in cryptocurrency and other virtual assets between 2017 and 2023, with some funds reportedly used to help fund the country's development of weapons of mass destruction.
A Sophisticated Hack
Bybit co-founder and CEO, Ben Zhou, acknowledged the FBI's announcement on social platform X by linking to a website offering $140 million in bounties for tracking the stolen crypto and getting it frozen by other exchanges. The company stated that a routine transfer of ethereum from a so-called "cold" or offline wallet was manipulated by an attacker who transferred the crypto to an unidentified address.
"It was a highly sophisticated hack that targeted cold wallets via a blind signing type of exploit, whereby the attackers create a fake interface that deceives users, since it is a near identical copy of the trusted platform," wrote Manuel Villegas, an analyst at Julius Baer.
A Record-Breaking Breach
The blockchain analytics firm Certik has described the theft as "the largest breach" in the history of blockchain transactions. The incident has seen overall crypto prices drop in recent days as investors have been spooked by the hack, despite the industry getting a boost from the election of U.S. President Donald Trump.
Regulatory Scrutiny
"The situation … is certainly painful for ByBit's customers and will likely raise additional regulatory scrutiny," Villegas added. The theft has highlighted the need for greater security measures in the cryptocurrency industry and raised concerns about the potential risks associated with blockchain transactions.