朝鲜隶属黑客可能已经缩减了他们的行动

加密工业在2月21日被巨大的黑客震撼

North Korea-affiliated hackers may have scaled back their operations in the second half of 2024 while preparing for what became the largest crypto hack in history.

朝鲜隶属的黑客可能在2024年下半年进行了缩减业务，同时准备成为历史上最大的加密黑客攻击。

The crypto industry was rocked by the enormous hack on Feb. 21 when Bybit lost over $1.4 billion to the infamous North Korean Lazarus Group, which seems to have prepared the attack months in advance.

加密货币行业在2月21日被巨大的黑客震撼，当时拜比特（Bybit）损失了超过14亿美元，臭名昭著的北朝鲜拉扎鲁斯集团（Lazarus Group），这似乎已经提前准备了袭击事件。

According to blockchain analytics firm Chainalysis, illicit activity tied to North Korean cyber actors sharply declined after July 1, 2024, despite a surge in attacks earlier that year.

根据区块链分析公司的链分析，尽管当年早些时候袭击激增，但在2024年7月1日之后与朝鲜网络参与者相关的非法活动急剧下降。

Slowdown in North Korean hacking activity after July 1.

7月1日之后的朝鲜黑客活动放缓。

This slowdown in crypto hacks by North Korean agents had raised significant red flags, according to Eric Jardine, Chainalysis cybercrimes research Lead.

据链球菌研究负责人埃里克·贾丁（Eric Jardine）表示，朝鲜特工的加密货币黑客攻击的这种放缓已经升高了巨大的危险信号。

North Korean hacking activity before and after July 1. Source: Chainalysis

7月1日之前和之后的朝鲜黑客活动。来源：链分析

North Korea’s slowdown “started when Russia and DPRK [North Korea] met for their summit that led to a reallocation of North Korean resources, including military personnel to the war in Ukraine,” Jardine told Cointelegraph during the Chainreaction show on March 26, adding:

北朝鲜的放缓“始于俄罗斯和朝鲜（朝鲜）开会，导致北朝鲜资源的重新分配，包括乌克兰战争的军事人员，”贾丁在3月26日的连锁节目中告诉Cointelegraph，并补充说：

The slowdown that we observed could have been a regrouping to select new targets, probe infrastructure, or it could have been linked to those geopolitical events.

我们观察到的放缓本可以是选择新目标，探针基础架构，或者它可能与这些地缘政治事件相关联。

It took the Lazarus Group 10 days to launder 100% of the stolen Bybit funds through the decentralized crosschain protocol THORChain, Cointelegraph reported on March 4.

CoIntelegraph于3月4日报道说，拉撒路集团花了10天的时间才通过分散的交叉链协议Thorchain洗钱100％。

Still, blockchain security experts were hopeful that a portion of the funds could be frozen and recovered by Bybit. As of March 20, over 80% of the stolen $1.4 billion was still traceable as blockchain investigators continue their efforts to freeze and recover the funds.

尽管如此，区块链安全专家还是希望一部分资金可以冻结并由拜特比特恢复。截至3月20日，由于区块链调查人员继续努力冻结和收回资金，但被盗14亿美元的80％以上仍然可以追溯。

How hackers staged the world’s biggest crypto hack

黑客如何上演世界上最大的加密黑客

The Bybit attack highlights that even centralized exchanges with strong security measures remain vulnerable to sophisticated cyberattacks, analysts said.

分析师说，BYBIT攻击的重点是，即使是具有强大安全措施的集中交流仍然容易受到复杂的网络攻击的影响。

The attack shares similarities with the $230 million WazirX hack and the $58 million Radiant Capital hack, according to Meir Dolev, co-founder and chief technical officer at Cyvers.

Cyvers的联合创始人兼首席技术官Meir Dolev表示，这次袭击与2.3亿美元的Wazirx Hack和5800万美元的Radiant Capital Hack有着相似之处。

Dolev said the Ethereum multisig cold wallet was compromised through a deceptive transaction, tricking signers into unknowingly approving a malicious smart contract logic change.

多尔夫说，以太坊的Multisig Cold钱包是通过欺骗性交易妥协的，诱使签名者在不知不觉中批准了恶意的智能合同逻辑变化。

“This allowed the hacker to gain control of the cold wallet and transfer all ETH to an unknown address,” Dolev told Cointelegraph.

“这使黑客可以控制冷钱包，并将所有ETH转移到未知的地址中，” Dolev告诉Cointelegraph。

North Korea hacking activity. Source: Chainalysis

朝鲜黑客活动。来源：链分析

Throughout 2024, North Korean hackers stole over $1.34 billion worth of digital assets across 47 incidents, a 102% increase from the $660 million stolen in 2023, according to Chainalysis data.

根据Chainalysis数据，在2024年，朝鲜黑客在47起事件中偷走了价值超过13.4亿美元的数字资产，比2023年被盗的6.6亿美元增加了102％。

This accounted for 61% of the total crypto stolen in 2024.

这占2024年加密货币总偷走的61％。