Major Dubai-based cryptocurrency exchange Bybit Technology had $1.5 billion pilfered by North Korean hacking collective Lazarus Group as part of the world's largest single cryptocurrency heist so far, SiliconAngle reports.
Attackers exploited vulnerabilities to take over Bybit's "cold" Ethereum wallet during a routine fund transfer to the cryptocurrency platform's "warm" wallet and facilitated the unauthorized delivery of 401,000 ETH to their controlled wallet, said Bybit in a series of posts on X, which later noted successfully freezing almost $43 million of the exfiltrated funds and the removal of an affiliated token. Such an intrusion was first linked to Lazarus Group by cybersecurity researcher ZachXBT, who was reported by crypto intelligence company Arkham Intelligence to have provided analyses of connected wallets and test transactions, as well as forensics graphs to Bybit. ZachXBT later disclosed in a post on X that Lazarus was also involved in last month's attack against Singaporean cryptocurrency exchange Phemex, which resulted in the theft of over $69 million.
Attackers exploited vulnerabilities to take over Bybit's "cold" Ethereum wallet during a routine fund transfer to the cryptocurrency platform's "warm" wallet and facilitated the unauthorized delivery of 401,000 ETH to their controlled wallet, said Bybit in a series of posts on X, which later noted successfully freezing almost $43 million of the exfiltrated funds and the removal of an affiliated token. Such an intrusion was first linked to Lazarus Group by cybersecurity researcher ZachXBT, who was reported by crypto intelligence company Arkham Intelligence to have provided analyses of connected wallets and test transactions, as well as forensics graphs to Bybit. ZachXBT later disclosed in a post on X that Lazarus was also involved in last month's attack against Singaporean cryptocurrency exchange Phemex, which resulted in the theft of over $69 million.