- Blockchain analysts linked the Bybit and Phemex hacks to North Korea’s Lazarus Group.
- The Bybit hack alone accounts for over half of 2024’s crypto thefts.
- North Korean hackers stole $1.34 billion in 2024, a 102% increase from 2023.
North Korea’s Lazarus Group is suspected of hacking Bybit and Phemex. The Bybit hack on February 21 resulted in a $1.4 billion loss. Hackers primarily stole staked Ether and ERC-20 tokens. Blockchain analysts from Arkham Intelligence and ZachXBT identified Lazarus-linked wallets used in the attack.
New data showed that the same hackers breached Phemex in January. That attack led to a $29 million loss. Investigators found that stolen funds from both hacks had been commingled, strengthening the link. This pattern suggests that Lazarus Group is refining its hacking techniques.
How the Hackers Stole the Funds
Onchain data showed that Phemex’s hot wallets were drained in 125 transactions. The attackers targeted 11 blockchain networks to avoid detection. They later used Tornado Cash to convert stolen assets into Ether.
Bybit’s breach was more sophisticated and alarming. Hackers tricked exchange signers into approving a smart contract change. This gave them control over Bybit’s Ethereum multisig cold wallet. Security experts believe the hackers used deceptive transactions to manipulate the system.
The attack resembled the $230 million WazirX hack. This similarity suggests that Lazarus Group is improving its techniques. The Bybit hack alone accounted for more than half of all crypto thefts in 2024.
North Korea’s Growing Cyber Attacks
Lazarus Group has a long history of targeting crypto platforms. The group was responsible for the $600 million Ronin Network hack. In 2024 alone, North Korean hackers stole $1.34 billion in digital assets. This amount is 102% higher than the $660 million stolen in 2023.
Governments worldwide are raising concerns about North Korea’s cyber threats. The US, Japan, and South Korea issued a joint warning. They believe that stolen crypto funds North Korea’s nuclear weapons program.
South Korea sanctioned 15 North Koreans for financing hacking operations. Experts are urging crypto exchanges to strengthen their security systems. Without better defenses, the risk of future attacks remains high.