ROME -- The FBI has accused North Korean-linked hackers of orchestrating one of the largest publicly known cryptocurrency thefts. The hackers reportedly seized approximately $1.5 billion worth of Ethereum from a Dubai-based firm. This significant theft, which occurred earlier this month, targeted Bybit, a leading crypto exchange. The hackers involved have been identified by the U.S. government as the TraderTraitor and Lazarus Group.
The FBI has revealed that these hackers steal cryptocurrency by disseminating cryptocurrency trading applications modified to include malware, which facilitates the theft of cryptocurrency. In an online public service announcement late Wednesday, the FBI stated its belief that the North Korean-backed hackers were responsible for the theft.
"TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains," the FBI noted. "It is expected these assets will be further laundered and eventually converted to fiat currency."
North Korean state media has not acknowledged either the theft or the FBI accusation. Pyongyang's mission to the United Nations in Geneva did not immediately respond to a request for comment from The Associated Press. However, it is estimated that North Korea has stolen about $1.2 billion in cryptocurrency over the past five years, according to South Korea's spy agency. This represents a crucial source of foreign currency to support its fragile economy and fund its nuclear program amidst intense U.N. sanctions and strict border closures during the coronavirus pandemic.
A U.N. experts panel is investigating 58 suspected cyberattacks by North Korea from 2017 to 2023, which reportedly resulted in $3 billion being stolen to fund the country's development of weapons of mass destruction. Bybit co-founder and CEO, Ben Zhou, acknowledged the FBI's announcement on a social platform and linked to a website offering $140 million in bounties for tracking the stolen crypto and getting it frozen by other exchanges.
Bybit has stated that a routine transfer of Ethereum from a "cold" or offline wallet was manipulated by an attacker, who transferred the crypto to an unidentified address. The blockchain analytics firm Certik has described this incident as “the largest breach” in the history of blockchain transactions.
