
North Korea’s Latest Crypto Heist

North Korea has successfully pulled off its largest crypto heist to date, stealing approximately $1.4 billion worth of Ethereum, which translates to around 400,000 coins, from the cryptocurrency exchange Bybit. According to Bybit’s CEO, Ben Zhou, the company has managed to secure new funding to cover the losses and ensure that all withdrawals can be processed. However, this assurance may evoke memories of another exchange CEO who made similar promises before their exchange abruptly collapsed.

Bybit is offering a 10% bounty for any returned funds, but security researchers have already detected that around 10% of the stolen funds have been laundered and are likely irretrievable. The transparency of cryptocurrency transactions on public blockchains enabled researchers to quickly identify North Korea’s state-sponsored hacking group, Lazarus Group, as the perpetrator of this heist. As reported by TechCrunch, researchers observed that the stolen funds from Bybit were being mixed with funds from multiple other thefts attributed to North Korea, according to Tom Robinson, co-founder of blockchain monitoring firm Elliptic.

A History of Crypto Thefts

Lazarus Group has been responsible for a string of crypto thefts in recent years, including the notable attack on crypto gaming company Axie Infinity, which resulted in the theft of $625 million. North Korea’s push to develop its crypto-hacking capabilities was motivated by the tightened economic sanctions imposed in 2017, which banned the export of North Korean goods, including coal and textiles, in response to the country’s nuclear weapons testing. The decentralized nature of cryptocurrency has made it an attractive target, as there is no central authority that can freeze transactions or wallets, although some stablecoin providers like Tether can freeze sanctioned wallets.

The Bybit Attack

In the case of the Bybit attack, it appears that Lazarus Group employed social engineering tactics to deceive exchange employees into approving a transaction that they believed was routine but actually allowed hackers to alter contract language and gain control over a wallet holding customer funds. The exact details of the attack are still unclear, but it highlights the vulnerability of these exchanges, where human error can be the weakest link. Ironically, the cold wallet that was compromised was named "Genesis SAFE," which proved not to be as secure as its name suggested.

Converting Stolen Funds

While there are ways to make it difficult to convert stolen cryptocurrency into cash, North Korea has found methods to circumvent these obstacles, such as using mixing services that obscure the origin and destination of funds. The country is known to hold onto tens of millions of dollars’ worth of stolen cryptocurrency, suggesting that it is willing to wait until it can find a way to convert these funds into usable cash.

The Need for Regulations

Crypto skeptics argue that hacks like these demonstrate the need for regulations, as North Korea would not be able to steal fiat currency in the same way due to the strict anti-money laundering and know-your-customer laws that govern traditional banking. Proponents of crypto, on the other hand, argue that fraud can occur with fiat currency as well and that crypto mixing services are a matter of personal privacy, allowing individuals to protect their funds from becoming a target. This debate is likely to continue, with some high-profile figures, including former President Trump, showing support for the crypto industry.

