朝鮮隸屬黑客可能已經縮減了他們的行動

加密工業在2月21日被巨大的黑客震撼

North Korea-affiliated hackers may have scaled back their operations in the second half of 2024 while preparing for what became the largest crypto hack in history.

朝鮮隸屬的黑客可能在2024年下半年進行了縮減業務，同時準備成為歷史上最大的加密黑客攻擊。

The crypto industry was rocked by the enormous hack on Feb. 21 when Bybit lost over $1.4 billion to the infamous North Korean Lazarus Group, which seems to have prepared the attack months in advance.

加密貨幣行業在2月21日被巨大的黑客震撼，當時拜比特（Bybit）損失了超過14億美元，臭名昭著的北朝鮮拉扎魯斯集團（Lazarus Group），這似乎已經提前準備了襲擊事件。

According to blockchain analytics firm Chainalysis, illicit activity tied to North Korean cyber actors sharply declined after July 1, 2024, despite a surge in attacks earlier that year.

根據區塊鏈分析公司的鏈分析，儘管當年早些時候襲擊激增，但在2024年7月1日之後與朝鮮網絡參與者相關的非法活動急劇下降。

Slowdown in North Korean hacking activity after July 1.

7月1日之後的朝鮮黑客活動放緩。

This slowdown in crypto hacks by North Korean agents had raised significant red flags, according to Eric Jardine, Chainalysis cybercrimes research Lead.

據鏈球菌研究負責人埃里克·賈丁（Eric Jardine）表示，朝鮮特工的加密貨幣黑客攻擊的這種放緩已經升高了巨大的危險信號。

North Korean hacking activity before and after July 1. Source: Chainalysis

7月1日之前和之後的朝鮮黑客活動。來源：鏈分析

North Korea’s slowdown “started when Russia and DPRK [North Korea] met for their summit that led to a reallocation of North Korean resources, including military personnel to the war in Ukraine,” Jardine told Cointelegraph during the Chainreaction show on March 26, adding:

北朝鮮的放緩“始於俄羅斯和朝鮮（朝鮮）開會，導致北朝鮮資源的重新分配，包括烏克蘭戰爭的軍事人員，”賈丁在3月26日的連鎖節目中告訴Cointelegraph，並補充說：

The slowdown that we observed could have been a regrouping to select new targets, probe infrastructure, or it could have been linked to those geopolitical events.

我們觀察到的放緩本可以是選擇新目標，探針基礎架構，或者它可能與這些地緣政治事件相關聯。

It took the Lazarus Group 10 days to launder 100% of the stolen Bybit funds through the decentralized crosschain protocol THORChain, Cointelegraph reported on March 4.

CoIntelegraph於3月4日報導說，拉撒路集團花了10天的時間才通過分散的交叉鏈協議Thorchain洗錢100％。

Still, blockchain security experts were hopeful that a portion of the funds could be frozen and recovered by Bybit. As of March 20, over 80% of the stolen $1.4 billion was still traceable as blockchain investigators continue their efforts to freeze and recover the funds.

儘管如此，區塊鏈安全專家還是希望一部分資金可以凍結並由拜特比特恢復。截至3月20日，由於區塊鏈調查人員繼續努力凍結和收回資金，但被盜14億美元的80％以上仍然可以追溯。

How hackers staged the world’s biggest crypto hack

黑客如何上演世界上最大的加密黑客

The Bybit attack highlights that even centralized exchanges with strong security measures remain vulnerable to sophisticated cyberattacks, analysts said.

分析師說，BYBIT攻擊的重點是，即使是具有強大安全措施的集中交流仍然容易受到復雜的網絡攻擊的影響。

The attack shares similarities with the $230 million WazirX hack and the $58 million Radiant Capital hack, according to Meir Dolev, co-founder and chief technical officer at Cyvers.

Cyvers的聯合創始人兼首席技術官Meir Dolev表示，這次襲擊與2.3億美元的Wazirx Hack和5800萬美元的Radiant Capital Hack有著相似之處。

Dolev said the Ethereum multisig cold wallet was compromised through a deceptive transaction, tricking signers into unknowingly approving a malicious smart contract logic change.

多爾夫說，以太坊的Multisig Cold錢包是通過欺騙性交易妥協的，誘使簽名者在不知不覺中批准了惡意的智能合同邏輯變化。

“This allowed the hacker to gain control of the cold wallet and transfer all ETH to an unknown address,” Dolev told Cointelegraph.

“這使黑客可以控製冷錢包，並將所有ETH轉移到未知的地址中，” Dolev告訴Cointelegraph。

North Korea hacking activity. Source: Chainalysis

朝鮮黑客活動。來源：鏈分析

Throughout 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a 102% increase from the $660 million stolen in 2023, according to Chainalysis data.

根據Chainalysis數據，在2024年，朝鮮黑客在47起事件中偷走了價值超過13.4億美元的數字資產，比2023年被盜的6.6億美元增加了102％。

This accounted for 61% of the total crypto stolen in 2024.

這佔2024年加密貨幣總偷走的61％。