$1.5B stolen in Bybit crypto heist, North Korean hackers blamed
Photo: Reuters
A cybersecurity firm has claimed that North Korean hackers orchestrated a sophisticated cyberattack, stealing approximately $1.5 billion in digital assets from Bybit, a major cryptocurrency exchange.
Dubai-based Bybit confirmed the breach, calling it the largest crypto heist to date. The exchange reported that hackers infiltrated its systems and siphoned off over $1.5 billion in assets, raising serious concerns about the security of digital currency platforms.
In a statement, TRM Labs a blockchain intelligence firm specializing in financial crime investigations claimed with "high confidence" that the attack was orchestrated by North Korean-linked hackers. However, the firm did not provide direct evidence to support the claim, relying instead on an analysis of transaction patterns.
TRM’s allegations and tracking efforts
"TRM has determined – with high confidence – that the Bybit hack was perpetrated by North Korean hackers," the firm stated, adding that its conclusion was based on “substantial overlaps” between addresses controlled by the Bybit hackers and those previously linked to other North Korean cyber heists.
According to TRM, the firm was able to tag and monitor, in real-time, the movement of the stolen Ethereum tokens worth $1.5 billion.
The FBI has not yet commented on the allegations, and no independent verification of TRM’s claims has been made by law enforcement agencies.
Previous accusations against North Korean hackers
North Korea has been frequently accused of high-value cryptocurrency thefts. In December 2023, US and Japanese authorities, including the FBI, the Pentagon, and Japan’s National Police Agency, issued a joint statement blaming North Korean state-sponsored hackers for the $308 million theft from a Japanese crypto firm.
Despite these allegations, Pyongyang has repeatedly denied involvement in cybercrime.
Bybit’s response to the hack
Bybit confirmed that an unauthorized transaction had taken place during a routine transfer of Ethereum digital wallets. The exchange said an attacker had manipulated the transfer process and diverted funds to an unidentified address.
Bybit attempted to reassure its customers, stating that the hack had not compromised their personal holdings. However, the incident triggered a surge in withdrawal requests, leading to delays in processing transactions.
Bybit CEO Ben Zhou addressed concerns on social media, asserting that the company remains financially stable even if the stolen funds are not recovered.
While TRM’s claims point to North Korea, no conclusive proof has been presented linking the hackers to Pyongyang, and the investigation remains ongoing.