Lazarus Group Confirmed as Culprits Behind Massive Crypto Heist

Key Details:

North Korea’s Lazarus Group is linked to the recent $1.5 billion hack on Bybit, reported by blockchain analytics firm Arkham Intelligence. The prominent analyst ZachXBT provided conclusive evidence of the attackers’ identity.
The breach was triggered by a method known as Blind Signing, enabling the hackers to effortlessly siphon off nearly $1.5 billion from the exchange.
Funds were initially transferred to a primary wallet before being disseminated across multiple wallets.

Detailed Report:

Arkham Intelligence disclosed that the Lazarus Group was indeed responsible for Bybit’s staggering hack amounting to $1.46 billion. In pursuit of identifying the intruders behind Friday’s incident, Arkham announced a bounty of 50,000 ARKM tokens on social media. Subsequently, ZachXBT presented corroborating evidence connecting the attack to the North Korean hacker outfit.

“His submission detailed test transactions and associated wallets utilized prior to the exploit, showcasing comprehensive forensic analyses,” stated Arkham.

Arkham’s analysis indicated that after extracting the funds, the hackers spread the assets to more than 40 wallets. The funds were gradually converted and transferred in increments of $27 million into various wallets.

Comment from Bybit’s CEO:

Ben Zhou commented on the attack, mentioning that the hacker gained control of a particular ETH cold wallet transferring its entire contents to an undisclosed address, assuring stakeholders that despite the loss, the exchange remains solvent.

Analysts’ Opinion:

Ido Ben Natan, from Blockaid, stated the rise of Blind Signing as a frequent method employed by high-level hackers, including North Koreans. He emphasized that vulnerabilities in current key management systems could lead to significant security risks in the signing processes among digital wallets.

Additional References:

For further insights, you might want to check the articles on: