The FBI has charged hackers associated with North Korea for orchestrating one of the most significant cryptocurrency heist, appropriating approximately $1.5 billion in Ethereum from a firm located in Dubai.
This theft, which occurred earlier this month and targeted Bybit, one of the globe’s largest crypto exchanges, marks yet another incident linked to a group of hackers identified by the U.S. authorities as TraderTraitor and the Lazarus Group.
These hackers acquire cryptocurrency “by distributing trading applications that have been altered to embed malware designed to facilitate the theft of digital currencies,” the FBI stated.
In a public service announcement released online late Wednesday, the FBI expressed its belief that the North Korean-affiliated hackers were “accountable for the larceny.”
“TraderTraitor operatives are acting swiftly and have converted portions of the pilfered resources into Bitcoin and other virtual currencies that have been scattered across myriad addresses on various blockchains,” the FBI mentioned in its statement. “These assets are likely to be further laundered and ultimately changed into fiat currency.”
North Korean state media has yet to acknowledge the theft or the claims made by the FBI.
Nevertheless, according to South Korea’s intelligence agency, North Korea is estimated to have pilfered around $1.2 billion in cryptocurrency and other digital assets over the last five years.
A panel of U.N. experts has additionally stated that it is examining 58 suspected cyberattacks by North Korea from 2017 to 2023, which resulted in the theft of around $3 billion to “reportedly assist in funding the nation’s development of weapons of mass destruction.”
Ben Zhou, co-founder and CEO of Bybit, recognized the FBI’s statement in a post on the social platform X, linking to a site that offers $140 million in rewards for tracing the stolen cryptocurrency and ensuring it is frozen by other exchanges.
Bybit has reported that a routine transfer of Ethereum, one of the most renowned cryptocurrencies, from a so-called “cold” or offline wallet was “tampered with” by an attacker who redirected the digital currency to an unknown address.
The blockchain analytics company Certik has labeled the theft as “the most significant breach” in the annals of blockchain transactions.