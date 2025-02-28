North Korea Accused of Major Crypto Hack (Lazarus Group)

Kanako Mita and Noriko Watanabe

Modern Tokyo Times

The Lazarus Group (Guardians of Peace or Whois Team) is known for its hacking capabilities. Accordingly, a hack of $1.5 billion of crypto theft concerning ByBit was stolen by the Lazarus Group (alleged links to the government of North Korea).

ByBit managed to replenish reserves after the hack. This concerns other large deposits and emergency loans.

CNBC reports, “The company secured nearly 447,000 ether tokens through emergency funding from firms such as Galaxy Digital, FalconX, and Wintermute.”

The FBI said the stolen virtual assets from ByBit (a crypto trading platform based in Dubai) will naturally be turned into currency via various channels.

The FBI said: “TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains.”

Hackers stole from the digital coin wallet of Ethereum (the Ethereum cryptocurrency is valued second – with Bitcoin being the highest).

A malicious code by the Lazarus Group was planted into the infrastructure of Safe. Hence, the crypto wallet provider was manipulated. Therefore, the malicious code hacked into Safe and exposed ByBit.

Lee Jay Walker (Modern Tokyo Times analyst) says, “In 2022, only $30 million was recovered out of $600 million hacked from Axie Infinity by the Lazarus Group.”

Hence, the Lazarus Group, a polished and sophisticated cybercrime unit, will utilize the ByBit theft to boost the military capabilities of North Korea.

INCC Group said: “State actors are cyber threat groups that operate in the interests of their state. They generally engage in espionage, stealing sensitive information to benefit their homeland politically or economically; Sometimes, they perform sabotage, as part of broader military operations, for reasons of national security or to political ends. They are rarely financially motivated, and this is where the North Korean threat group known as Lazarus differs from most other state actors: starting in 2009, it robs banks and hacks into cryptocurrency exchanges to fill its state coffers.”

The BBC reports, “Cryptocurrencies, which have become popular with investors, have sparked division as many criticize their value for being based purely on speculation, allowing their value to be easily manipulated.”

Chainalysis says North Korea is “notorious for their sophisticated and relentless tradecraft, often employing advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored operations and circumvent international sanctions.”

