North Korea's Lazarus Group Strikes Again: $1.46 Billion Crypto Heist

Generated by AI Agent, Coin World
Sunday, Feb 23, 2025 5:38 am ET

The North Korean Lazarus Group is suspected to be behind the recent $1.46 billion hack on the Bybit cryptocurrency exchange, according to blockchain analysis firm Arkham Intelligence. The hack, which involved the withdrawal of Ethereum tokens, is believed to be the largest ever on a centralized crypto exchange.

Arkham Intelligence offered a bounty of 50,000 ARKM tokens, worth around $30,000, to anyone who could identify the attackers responsible for the hack. Freelance investigator ZachXBT provided what he called "definite proof" that Lazarus, North Korea's elite state-sponsored hacking group, was behind the attack.

According to blockchain analytics firm Nansen, the attackers first moved the stolen funds into a single primary wallet and then distributed them across more than 40 wallets. They converted all stETH, cmETH, and mETH to ETH before systematically transferring the ETH in $27 million increments to over 10 additional wallets.

Bybit CEO Ben Zhou urged customers to remain calm and assured them that 80% of the funds were recovered by using bridge loans to replace the stolen money. Despite the current bank run on Bybit, Zhou assured users that withdrawals would not be blocked and that customers would have access to their funds.

ZachXBT has yet to release all of the data pointing to the Lazarus Group. His analysis involved tracing the connections between wallet addresses until, with the assistance of a colleague, he was able to narrow the suspects down to the North Korean hacking group. ZachXBT found a connection between the wallets used in the Bybit hack and the wallets used in the $85 million hack of Singapore-based exchange Phemex.

The attack appears to have relied on blind signing, in which a signer approves a transaction or smart-contract interaction without being able to see, and therefore verify, what it actually does. This attack vector is quickly becoming the favored form of cyber attack among advanced threat actors, including North Korea. It is the same type of attack that was used in the Radiant Capital breach and the WazirX incident.
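The defensive counterpart to the blind signing described above is a pre-signing check that refuses to sign anything it cannot explain in full. The following JavaScript is an added example, not code from the article or from Bybit: it decodes a transaction's calldata against a small table of known functions and an allowlist of counterparties, and declines to sign when the selector is unknown, the calldata is malformed, or the destination is not allowlisted. The two selectors are the standard ERC-20 `transfer` and `approve`; the addresses, allowlist and sample transaction are constructed.

```javascript
// Added example (not from the article): a pre-signing policy check that refuses
// to sign calldata it cannot fully decode. The selectors are the standard
// ERC-20 ones; the allowlisted addresses and sample transaction are constructed.
const KNOWN = {
  "a9059cbb": { name: "transfer(address,uint256)", args: ["address", "uint256"] },
  "095ea7b3": { name: "approve(address,uint256)", args: ["address", "uint256"] },
};

// Return the i-th 32-byte ABI word after the 4-byte selector (hex, no 0x).
function word(data, i) {
  const w = data.slice(8 + i * 64, 8 + (i + 1) * 64);
  if (w.length !== 64) throw new Error("calldata truncated");
  return w;
}

// Decode calldata into a human-readable call, or null if the selector is unknown.
function decodeCalldata(hexData) {
  const data = hexData.replace(/^0x/, "").toLowerCase();
  const fn = KNOWN[data.slice(0, 8)];
  if (!fn) return null;
  const values = fn.args.map((type, i) => {
    const w = word(data, i);
    if (type === "address") {
      if (!/^0{24}/.test(w)) throw new Error("address word has non-zero padding");
      return "0x" + w.slice(24);
    }
    return BigInt("0x" + w);
  });
  return { name: fn.name, values };
}

// Policy: sign only what can be explained in full, and only to allowlisted
// counterparties. Anything else is exactly the blind signing the article describes.
function reviewBeforeSigning(tx, allowedAddresses) {
  const allowed = new Set(allowedAddresses.map((a) => a.toLowerCase()));
  if (!allowed.has(tx.to.toLowerCase())) return { sign: false, reason: "destination not allowlisted" };
  if (tx.data === "0x" || tx.data === "") return { sign: true, summary: `plain ETH transfer of ${tx.value} wei` };
  let call;
  try { call = decodeCalldata(tx.data); } catch (e) { return { sign: false, reason: e.message }; }
  if (!call) return { sign: false, reason: "unknown function selector: would be blind signing" };
  const target = call.values[0];
  if (!allowed.has(target)) return { sign: false, reason: `${call.name} to non-allowlisted ${target}` };
  return { sign: true, summary: `${call.name} -> ${target}, amount ${call.values[1]}` };
}

// Constructed sample: transfer 1000 token units to an allowlisted address.
const SAMPLE_TX = { to: "0x2222222222222222222222222222222222222222", value: 0n, data:
  "0xa9059cbb" + "000000000000000000000000" + "1111111111111111111111111111111111111111" +
  "00000000000000000000000000000000000000000000000000000000000003e8" };
const SAMPLE_ALLOWLIST = [SAMPLE_TX.to, "0x1111111111111111111111111111111111111111"];
```

Running `reviewBeforeSigning(SAMPLE_TX, SAMPLE_ALLOWLIST)` yields a signable, fully described transfer, while an unknown selector, truncated calldata or a non-allowlisted recipient each come back with `sign: false` and the reason.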

The stolen funds are unlikely to be returned because North Korea does not have an extradition agreement with the United States. The North Korean hacking group