In a shocking turn of events, hackers, believed to be working on behalf of the North Korean government, have successfully withdrawn at least $300 million from the largest digital currency heist in history, valued at $1.5 billion. The Lazarus Group, a notorious crime syndicate, stole the massive amount of digital assets from the ByBit cryptocurrency exchange platform just two weeks ago. Since then, a cat-and-mouse game has ensued between cybersecurity experts and the hackers, as they attempt to track and block the conversion of the stolen cryptocurrency into usable cash.
According to Dr. Tom Robinson, co-founder of Elliptic, a cryptocurrency crime investigation firm, North Korea is one of the most skilled nations in laundering cryptocurrency. It’s estimated that they have a team of experts utilizing automated tools and years of experience, working tirelessly to convert the cryptocurrency into cash, pausing only for a few hours a day, possibly working in shifts. This level of expertise has raised concerns that the hackers may be able to evade capture and successfully launder the stolen funds.
An analysis by Elliptic aligns with data from ByBit, indicating that approximately 20% of the stolen funds have already been lost in the dark, making it unlikely that they can be recovered. The United States and its allies have accused North Korea of orchestrating numerous hacking incidents over the past few years to raise funds for the country’s nuclear and missile programs.
The hackers’ modus operandi was to target one of ByBit’s suppliers on February 21, secretly changing the digital wallet address used to receive Ethereum coins. ByBit unknowingly transferred 401,000 Ethereum coins, worth millions, to the hackers’ wallet instead of their own. Ben Zhou, CEO of ByBit, has assured customers that their funds were not affected and that the company has reimbursed the stolen coins using investor loans. Zhou has also declared war on the Lazarus Group, stating that ByBit is committed to tracking down the hackers and recovering the stolen assets.
To combat the hackers, ByBit has launched the Lazarus Bounty program, which encourages the public to help track the flow of stolen funds and alert cryptocurrency companies to freeze transactions linked to the hackers. All cryptocurrency transactions are recorded on the blockchain, allowing for the tracking of Lazarus’ financial trail.
If the hackers attempt to use reputable cryptocurrency exchanges to exchange the coins for cash, such as dollars or euros, these companies can freeze the accounts and seize the funds if they detect any connection to the crime. So far, 20 participants in the bounty program have earned over 134 million baht (approximately $4 million) for helping to identify the location of the stolen funds and alerting cryptocurrency companies to block transactions worth over 1.349 billion baht (around $40 million).
However, experts believe that the chances of recovering the remaining stolen funds are slim, given North Korea’s expertise in laundering cryptocurrency. Dr. Dorit Dor, a cybersecurity expert from Check Point, notes that due to North Korea’s proficiency, most of the stolen funds may never be recovered and could be used to support the country’s arms programs. The investigation is ongoing, with the world watching to see if the hackers will be brought to justice and the stolen funds recovered.
