North Korea's Lazarus Group Launders Hundreds of Millions from ByBit Heist

Fri Apr 04 2025 00:31:03 GMT+0300 (Eastern European Summer Time)

North Korean hackers siphon off massive funds from ByBit, raising concerns over cybersecurity and international implications.


The notorious Lazarus Group has successfully laundered at least $300 million from a record $1.5 billion hack on ByBit, further complicating the struggle against cybercrime linked to state-sponsored actors.



Hackers associated with North Korea's regime have reportedly laundered an estimated $300 million of the whopping $1.5 billion stolen from cryptocurrency exchange ByBit in an unprecedented digital heist. This complex operation, attributed to the infamous Lazarus Group, poses significant challenges for law enforcement and cybersecurity experts who are tracking the illicit funds.

Experts suggest the North Korean hacking collective is employing highly sophisticated tactics to obscure their financial trail in an effort to fund military developments. Dr. Tom Robinson, co-founder of the crypto investigation firm Elliptic, points out that the group is working nearly around the clock, possibly utilizing shift work to expedite the conversion of cryptocurrency into cash. "They seem to have perfected the art of laundering," he explains, highlighting their extensive resources and experience in handling stolen cryptocurrency.

Elliptic's findings support statements from ByBit, which disclosed that nearly 20% of the stolen funds have "gone dark," meaning the likelihood of recovery is diminishing. U.S. authorities and allied nations have accused North Korea of executing numerous cyberattacks in recent years, primarily intended to finance military and nuclear programs. The hackers executed the ByBit breach by diverting Ethereum coins to a manipulated wallet address, highlighting vulnerabilities in the exchange's security.

ByBit CEO Ben Zhou has publicly announced efforts to recover the lost assets, including a unique bounty initiative encouraging the public to identify and freeze stolen funds. As all cryptocurrency transactions are recorded on public blockchains, tracing the movements of the stolen assets is achievable. So far, a total of $4 million in rewards has been distributed to 20 individuals who have successfully alerted crypto firms about compromised funds.

However, challenges remain, as not all cryptocurrency exchanges are willing or equipped to help, leading to accusations against platforms like eXch for facilitating the laundering process. eXch's owner, Johann Roberts, has contested these claims, arguing that his firm did not initially recognize the illegitimacy of the funds due to an existing dispute with ByBit.

The Lazarus Group has previously been linked to high-profile hacks, including the theft of $41 million from UpBit in 2019 and the $600 million Ronin Bridge breach in 2022. Despite the United States listing individuals associated with the group as Cyber Most Wanted, apprehension remains unlikely unless they venture outside North Korea.

Experts are increasingly skeptical about recovering stolen funds, citing North Korea's closed economy and established infrastructure for cybercrime. Dr. Dorit Dor from cybersecurity firm Check Point stresses that North Korea shows no concern for its negative image stemming from ongoing cyber activities, complicating international responses to these high-stakes crimes.


© 2024 SwissX REDD UK ltd. All Rights Reserved.