North Korea is behind US$1.5bn crypto heist: FBI

The FBI on Wednesday accused North Korea of being behind the theft of US$1.5 billion of digital assets last week, the largest crypto heist in history.

The FBI is warning about a group called TraderTraitor, also known as the Lazarus Group, who are procceding rapidly and have converted some of the stolen assets to bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains.

It is expected these assets will be further laundered and eventually converted to fiat currency.

The bureau said that last week's heist saw about $1.5 billion in digital assets stolen from cryptocurrency exchange, Bybit, which is based in Dubai, United Arab Emirates.

The exchange reported last week that attackers exploited security protocols during a transaction, enabling them to transfer the assets to an unidentified address.

The U.S. government has pointed the finger at Pyongyang.

“[North Korea] was responsible for the theft of approximately $1.5 billion in virtual assets from cryptocurrency exchange, Bybit, in an incident that began last week,” the FBI said in a public service announcement.

The agency said that TraderTraitor, also known as the Lazarus Group, is proceeding rapidly and has converted some of the stolen assets to bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains.

“It is expected these assets will be further laundered and eventually converted to fiat currency.”

Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for The Interview, a film that mocked North Korean leader Kim Jong-un.

It was also allegedly behind the 2022 $620 million heist of ethereum and USD coin from the Ronin Network in 2022, previously the biggest crypto theft in history.

In December last year, the U.S. and Japan blamed it for the theft of more than $300 million of ryptocurrency from the Japan-based exchange DMM Bitcoin.

North Korea’s cyberwarfare program dates back to at least the mid-1990s, and the country has been dubbed “the world’s most prolific cyberthief” by a cybersecurity firm.

Pyongyang’s program has grown to a 6,000-strong cyberwarfare unit known as Bureau 121 that operates from several countries, a 2020 U.S. military report said.

A UN panel on North Korea’s evasion of sanctions last year estimated the nation has stolen more than $3 billion in cryptocurrency since 2017.

Much of the hacking activity is reportedly directed by Pyongyang’s Reconnaissance General Bureau, its primary foreign intelligence agency.

Money stolen helps to fund the country’s nuclear weapons program, the panel said.