FBI Links Bybit Hack to North Korean Cybercriminals
The FBI has confirmed that the recent cyberattack on the Dubai-based Bybit cryptocurrency exchange was orchestrated by North Korean hackers. This breach resulted in the theft of nearly $1.5 billion, prompting the agency to urge crypto firms to take action against the laundering of the stolen funds. Bybit’s CEO, Ben Zhou, revealed that the hackers gained access to one of the exchange’s offline Ethereum wallets, leading to significant financial losses.
Details of the Attack
According to Bybit’s CEO Ben Zhou, the attack occurred when a hacker manipulated the signing message to alter the smart contract logic of the exchange’s Ethereum cold wallet. This manipulation allowed the hacker to gain control over the wallet and transfer all Ethereum assets to an unidentified address. Zhou stated, “The signing message was to change the smart contract logic of our ETH cold wallet,” which ultimately facilitated the theft.
The FBI’s announcement on February 26 highlighted the ongoing threat posed by North Korean cybercriminals, who are reportedly utilizing a method known as ‘TraderTraitor’ to convert the stolen funds into various cryptocurrencies. The agency noted that these assets are being dispersed across thousands of wallets, making tracking and recovery increasingly difficult. Arkham Intelligence has reported that the stolen assets are already being moved to new addresses for liquidation.
FBI’s Call to Action
In light of the attack, the FBI has released a list of 51 Ethereum wallet addresses linked to the stolen assets, urging private sector entities—including exchanges, blockchain analytics firms, and decentralized finance (DeFi) services—to block transactions associated with these addresses. The agency emphasized the importance of collaboration among crypto firms to prevent the laundering of stolen funds and to safeguard the integrity of the cryptocurrency ecosystem.
The FBI’s warning comes amid a surge in cryptocurrency-related crimes. A report from Chainalysis revealed that crypto hacks resulted in $2.2 billion in stolen funds in 2024, marking a 21 percent increase from the previous year. This alarming trend has prompted various crypto firms, including Tron, Tether, and TRM Labs, to form alliances aimed at combating cybercrime and assisting law enforcement in tracking illicit transactions.
Ongoing Investigation and Future Implications
Bybit is currently conducting an internal forensic investigation to understand the full scope of the breach. Preliminary findings indicate that malicious code was inserted into the exchange’s system, allowing hackers to access the wallet. However, Bybit has stated that there is no evidence of compromises within its internal systems, suggesting that the attack was executed through external vulnerabilities.
The exchange is committed to a thorough assessment of the incident and is working to enhance its security measures to prevent future attacks. As the cryptocurrency landscape continues to evolve, the need for robust security protocols and collaborative efforts among industry players becomes increasingly critical. The Bybit incident serves as a stark reminder of the vulnerabilities that exist within the crypto space and the ongoing threat posed by sophisticated cybercriminals.
Observer Voice is the one stop site for National, International news, Editor’s Choice, Art/culture contents, Quotes and much more. We also cover historical contents. Historical contents includes World History, Indian History, and what happened today. The website also covers Entertainment across the India and World.