A $1.19 billion crypto theft has allegedly have been carried out by cyber criminals from North Korea, feared to be "the worst hack in history". Dubai-based Bybit exchange confirmed the major heist, which saw the group of hackers seize control of an Ethereum wallet and remove all of its £1 billion contents.
Bybit CEO Ben Zhou posted on X that it was "the worst hack in history", adding: "Bybit is solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss.". He added that more than 350,000 withdrawal requests had been made to his firm following the hack attack.
He said: "ALL withdraws have been processed.". Notorious North Korean hackers Lazarus Group are suspected to be behind the attack. Blockchain analytics firm Arkham Intelligence posted online that one of their trusted secret sources had provided them with evidence that Lazarus Group was responsible for the stunt.
Officials have yet to confirm the perpetrators despite Arkham Intelligence's claims. Bybit stated that the incident has been reported to police and added: "We have fortunately worked quickly and extensively with on-chain analytics providers to identify and demix the implicated addresses.".
Bybit offers various cryptocurrencies to users and has amassed a monumental £15 billion in assets since it was founded in 2018. However, the £1 billion hack attack caused Ethereum's share value to drop by four per cent at the end of last week. North Korea has been implicated in previous major hacks. A previous crypto theft in 2024 saw hackers from the hermit kingdom steal around $800 million, according to Redboard.
Intelligence platform Recorded Future claims North Korean digital criminal made off with $1.7 billion in 2022. In December 2023, the UK and South Korea have warned that cyber attacks from North Korean state-linked groups are growing in sophistication and volume.
In a joint advisory issued by the two nations’ cyber security and intelligence agencies, they urged organisations to boost their security measures to reduce the risk of their systems being breached. The UK’s National Cyber Security Centre (NCSC), part of GCHQ, and the South Korean National Intelligence Service (NIS) said they observed hackers exploiting previously unknown vulnerabilities in third-party software in supply chains in order to gain access to an organisation’s systems.
The two agencies warned that such attacks on the software-based supply chain pose a particularly significant threat, as it means a single initial compromise can affect a number of organisations and lead to onward attacks, resulting in greater disruption or ransomware being deployed.
