North Korea-linked heist hits Bybit: £1.24bn stolen in attack
The cryptocurrency exchange Bybit has fallen victim to an attack resulting in the theft of digital assets valued at approximately £1.24 billion. Experts believe this to be the largest theft in the sector's history. The trail leads to North Korea.
The attack targeted the so-called cold wallet of the exchange, an offline storage system designed to provide a high level of security. The stolen funds, mainly in the form of ether, were swiftly transferred to various accounts. Subsequently, the perpetrators sold them via numerous platforms.
Ben Zhou, CEO of Bybit, reported on platform X that "all other cold wallets remain secure." He also added that the withdrawal process on the exchange is proceeding normally, intended to reassure users after the wave of panic triggered by the breach.
The trail leads to North Korea
Analysts specialising in blockchain, cited by CBNC, traced the path of the stolen cryptocurrencies. It was determined that after the theft, the funds ended up in numerous accounts and were quickly liquidated.
Experts from Elliptic linked the attack to the Lazarus hacking group, which the North Korean government sponsors. This organization has been known for years for stealing billions of pounds from the cryptocurrency sector. Analysts indicate that the group uses advanced methods to fund the regime's activities and employs complex money-laundering techniques that make tracking the flows difficult.
According to Elliptic reports, the latest incident surpasses previous thefts, such as the loss of approximately £505 million from Poly Network in 2021 or £471 million from Binance in 2022.
Exchange's response
Following the breach at Bybit, users began massively withdrawing their funds, fearing for the financial stability of the platform. Ben Zhou announced that the withdrawal situation had stabilised. The exchange secured a bridge loan from undisclosed partners to cover potential losses and ensure continuity of operations.
The history of the Lazarus group dates back to 2017, when it attacked four South Korean exchanges, stealing bitcoins valued at approximately £164 million. Since then, its activities have been monitored by law enforcement and analytical firms. Industry experts emphasise that such thefts continue to threaten the cryptocurrency market significantly.
