The North Korean cybercrime group known as the Lazarus Group is suspected to be behind both the $1.4 billion Bybit hack and the $29 million Phemex hack, according to the latest onchain evidence.
The Feb. 21 Bybit exchange hack resulted in the largest crypto theft in history, with attackers stealing more than $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH) and other ERC-20 tokens.
Blockchain security analysts, including Arkham Intelligence and onchain sleuth ZachXBT, have traced the attack to the Lazarus Group.
New onchain findings have revealed that the same Lazarus Group-affiliated wallets were behind January’s $29 million Phemex hack.
“Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the initial theft address for both incidents,” ZachXBT wrote in a Feb. 22 X post.
Source: ZachXBT
According to onchain data, Phemex’s hot wallets were drained of $29 million worth of digital assets through over 125 individual transactions recorded across 11 blockchain networks before the attackers started converting the funds into Ether (ETH) through crypto mixing protocols like Tornado Cash, making them difficult to trace.
The Bybit hack alone accounts for more than half of the $2.3 billion stolen in crypto-related hacks in 2024, marking a significant setback for the industry.
According to Meir Dolev, co-founder and chief technical officer at Cyvers, the attack shares similarities with the $230 million WazirX hack and the $58 million Radiant Capital hack. Dolev said the Ethereum multisig cold wallet was compromised through a deceptive transaction, tricking signers into unknowingly approving a malicious smart contract logic change.
“Evidently Bybit’s ETH multisig cold wallet was compromised through a deceptive transaction that tricked signers into unknowingly approving a malicious smart contract logic change. This allowed the hacker to gain control of the cold wallet and transfer all ETH to an unknown address,” Dolev told Cointelegraph.
Lazarus Group linked to some of the biggest crypto heists
The North Korean Lazarus Group is the prime suspect in some of the most notorious hacking incidents, including the $600 million Ronin network hack and the $230 million hack on the WazirX exchange.
Throughout 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a 102% increase from the $660 million stolen in 2023, according to Chainalysis data.
North Korea hacking activity. Source: Chainalysis
This accounted for 61% of the total crypto stolen in 2024.
The US, Japan and South Korea issued a joint warning on Jan. 14, cautioning about the growing threat of North Korean hackers targeting the crypto industry.
Over the past year, North Korean hackers were also responsible for the $305 million DMM Bitcoin hack, the $50 million Upbit hack, the $50 million Radiant Capital hack and the $16 million Rain Management hack, according to the joint statement.
The statement came nearly three weeks after South Korean authorities sanctioned 15 North Koreans for allegedly generating funds for North Korea’s nuclear weapons development program through cryptocurrency heists and cyber theft.