The cryptocurrency and blockchain landscape continues to evolve, with new projects emerging alongside established market leaders.
A recent report by Sygnia and Verichains has shed light on a significant cryptocurrency heist from Bybit, executed by Lazarus Group, a North Korean hacking group. Their investigation, published in the New Chain analysis, linked a malicious JavaScript code used in the breach to Lazarus Group's activities, specifically targeting Bybit's Ethereum Multisig Cold Wallet.
The heist, which occurred in November 2022 and saw cryptocurrency to the tune of $1.5 billion stolen, was initially reported by the FBI, who also confirmed the involvement of TraderTraitor group, known for hacking and draining cryptocurrency exchanges. Among the stolen cryptocurrency was a large sum of Ethereum, rapidly converted by the hackers into Bitcoin and other cryptocurrencies to obfuscate the transactions.
As reported by Blockware, the cryptocurrency exchange, Bybit, was defrauded to an enormous scale. At the time, the cryptocurrency exchange confirmed the occurrence of the incident but opted not to disclose any further details. Nonetheless, an analysis by Sygnia and Verichains identified a malicious JavaScript code used in the breach and linked it back to Lazarus Group's activities.
Their investigation, published in the New Chain analysis, uncovered a payload deployed by Lazarus Group, targeting Bybit's Ethereum Multisig Cold Wallet. This code snippet was written in JavaScript and included a function named "handleMessage," designed to intercept and process messages from the webassembly module.
The analysis further revealed that the malicious actors were able to deposit the stolen cryptocurrency into various cryptocurrency mixers in an attempt to launder the funds and mask the source of the theft. Their investigation also linked the payloads used in the Bybit attack to previously known Lazarus Group campaigns, reinforcing the group's involvement in the breach.
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
