On Friday, hackers stole around $1.4 billion in Ethereum cryptocurrency from Crypto Exchange Bybit.
After the hack, several blockchain surveillance companies and well-known crypto investigator ZachxBT pointed to a North Korean government hacking group known as the Lazaro Group, all as the perpetrators.
Zachxbt first pointed at the finger of responsibility, just hours after he himself noticed the first signs of hack. Researchers said they were able to track stolen cryptocurrencies from Bibit to wallets they used in previous hacks, as well as wallets for Phemex, Bingx and Poloniex.
When TechCrunch asked that North Korea's confident Zachxbt behind the Bibit Hacks pointed out the previous hacking, saying it was “100%.” “Law enforcement is treating it that way too,” Zachxbt said.
Blockchain monitoring company Elliptic has also reached the same conclusion. “A few minutes after the theft from Bibit, the ellipse team has been working 24 hours a day with Bibit, customers and fellow investigators to track these funds and prevent the North Korean regime from profiting from them. “I did it,” Elliptic wrote in a blog post.
Elliptic said it believes North Korean hackers will be responsible. The company added that the Lazarus Group will wash the stolen codes according to “characteristic patterns.”
Please contact us. Is there any more information about Bibit Hacks and other crypto robberies? From unprocessed devices and networks, you can safely contact Lorenzo Franceschi-Bicchierai with a signal of +1 917 257 1382, via Telegram and Keybase @lorenzofb, or by email. You can also contact TechCrunch via SecureDrop.
North Korea is a prolific code stealer. According to a UN panel, the administration's hackers are linked to at least 58 code robbers. The US, Japan and South Korea governments say Kim Jong-un's government stole multiple crypto hacks and robberies in 2024, over $650 million.
Tom Robinson, co-founder and chief scientist of Elliptic, told TechCrunch that it belongs to the fact that “financial stolen from Bybit is confused with funds from theft that contributed to multiple DPRKs.” Masu.
“The washing methods used are also very similar to those seen previously at DPRK,” Robinson said. “And more, a few other factors that I can't share.”
Blockchain intelligence firm TRM Labs also concluded “with confidence” that North Korea was behind the Buybit Hack, the company said in a blog post Friday.
Bybit spokesman Tony Au declined to comment on the North Korean link, saying, “Our team is still under investigation.”
North Korea's permanent mission to the United Nations did not respond to TechCrunch's request for comment.