A notorious state-sponsored North Korean APT group was behind the world’s largest cryptocurrency heist late last week, the FBI has confirmed.
A brief Public Service Announcement (PSA) issued by the law enforcement agency on February 26 attributed the attack on cryptocurrency exchange Bybit to the “TraderTraitor” group (aka Lazarus, APT38, BlueNoroff, and Stardust Chollima).
“TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,” it warned.
“It is expected these assets will be further laundered and eventually converted to fiat currency.”
The FBI’s attribution is consistent with Infosecurity reporting following the incident, which cited a report from London-based blockchain analysis firm Elliptic.
“Elliptic has attributed the Bybit theft to North Korea’s Lazarus Group, based on various factors, including our analysis of the laundering of the stolen crypto assets,” the firm said at the time.
“Lazarus Group has developed a powerful and sophisticated capability to not only breach target organisations and steal crypto assets, but also to launder these proceeds through thousands of blockchain transactions.”
The North Korean threat actors are currently thought to be working through the second of a two-stage money laundering process.
The first stage is to exchange stolen tokens for a “native” blockchain asset like Ether, which can’t be frozen, while the second involves “layering” the stolen funds in order to obfuscate the transaction trail.
Within just two hours of the heist, the stolen funds were sent to 50 different wallets, which were subsequently emptied. The funds will then likely be routed via various channels in order to further throw investigators off the scent and confound efforts to block the actors from cashing out, Elliptic explained.
These channels include decentralized (DeFi) and centralized exchanges, cross-chain bridges, crypto mixers and an exchange called eXch, which allows users to swap crypto assets anonymously.
FBI Urges Crypto Community to Take Action
The FBI urged the community to come together to help stop the North Korean group from converting the stolen crypto to fiat currency.
“FBI encourages private sector entities including RPC node operators, exchanges, bridges, blockchain analytics firms, DeFi services, and other virtual asset service providers to block transactions with or derived from addresses TraderTraitor actors are using to launder the stolen assets,” it said.
Its PSA listed around 50 Ethereum addresses apparently used by Lazarus during its money laundering activity.
Bybit has offered a reward of 10% of any recovered funds to anyone who can help it recover some of the $1.46bn in cryptocurrency stolen by Lazarus.

