North Korean Hackers Steal $1.4 Billion in Ethereum

The largest crypto hack in history, valued at $1.4 billion in Ethereum, has been attributed to North Korean hackers who exploited a vulnerability in the infrastructure of Safe, a crypto wallet provider used by Bybit. According to independent audits by Verichains and Sygnia Labs, the hackers injected malicious JavaScript code directly into Safe's online infrastructure, hosted on AmazonAMZN-- Web Services.

The malicious code was designed to activate only when interacting with Bybit's contract address. Once Bybit did, two days later, the code drained $1.4 billion worth of Ethereum and related tokens from the crypto exchange. The hackers then updated Safe's infrastructure to remove the malicious code and disappeared without a trace.

Bybit has stated that its infrastructure was not compromised, and it moved the majority of funds out of its Safe-administered wallets following the attack. Safe acknowledged the findings of the audits, attributing the hack to a compromised developer machine, but claimed no vulnerabilities in its smart contracts or front-end source code. The company has since rebuilt and reconfigured its infrastructure and changed all its credentials.

The Bybit hack has raised concerns about the security of the crypto industry, with experts warning that the threat of bad actors like North Korea has not been taken seriously enough. Despite the blame game, the focus should be on improving security measures to prevent future attacks.