The cryptocurrency industry and those responsible for securing it are still in shock following Friday's heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit
Dubai cryptocurrency exchange Bybit was hit with a massive heist on Friday, with attackers making off with a record-breaking $1.5 billion in digital assets. The theft occurred when an unknown entity managed to transfer a large sum of ethereum and staked ethereum coins from Bybit’s Multisig Cold Wallet to one of the exchange’s hot wallets, before moving the cryptocurrency out of Bybit entirely and into wallets controlled by the attackers.
According to researchers at blockchain analysis firm Elliptic, the techniques and flow of the subsequent laundering of the funds bear the signature of threat actors working on behalf of North Korea. The revelation comes as little surprise, given that the isolated nation has a well-documented history of cryptocurrency theft, largely to fund its weapons of mass destruction program.
Multisig cold wallets, also known as multisig safes, are considered one of the gold standards for securing large sums of cryptocurrency. Typically, a multisig cold wallet will require multiple parties to sign off on any transaction, making it much more difficult for attackers to clear out the wallet without being detected.
In this case, however, the threat actors managed to clear this hurdle by exploiting a vulnerability in Bybit’s hot wallet setup. Specifically, the attackers were able to use a compromised employee’s credentials to access the exchange’s AWS console, where they could view the private keys for the hot wallets. With these keys in hand, the attackers were able to move the cryptocurrency out of Bybit’s cold wallet and into their own wallets.
The theft was discovered by Bybit officials several hours after it occurred, and the exchange quickly notified its users of the incident. Bybit also stated that it had frozen all user withdrawals and was working with law enforcement to investigate the theft.
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
