Last week, a group of hackers reportedly backed by North Korea pulled off what has been determined to be the biggest heist in history.

According to a report from The Independent, hackers stole about $1.46 billion worth of digital currency from Bybit, one of the world’s most popular crypto exchanges. In a matter of minutes, the hackers funneled the money across the internet to anonymous wallets, marking the biggest heist of any kind in history.

Previously, the largest theft of all time was widely believed to have been carried out by Saddam Hussein when he stole nearly $1 billion from the Iraqi Central Bank on the eve of the 2003 Iraq War. This heist was worth nearly $500 million more.

The Lazarus Group, which has been linked to North Korea since its inception in 2009, is believed to be behind the theft as the strategies used closely mimicked attacks the group has carried out in the past.

As one security expert pointed out, the Lazarus Group made use of a loophole in the Bybit security system.

“A security system is only as strong as its weakest link. In Bybit’s case, there was a security loophole when Ledger [a hardware wallet] and Safe{Wallet} [a digital wallet app] were used together,” Shahar Madar, vice president of security and trust at blockchain platform Fireblocks, told The Independent.

“Hackers likely used malware to secretly modify what users saw on the Safe{Wallet} interface. Users thought they were approving a normal transaction, when in reality, they were approving a different, manipulated one. Ledger required users to approve transactions without showing full details (known as ‘blind signing’). This meant users couldn’t see what they were actually approving, making it easy for hackers to trick them.”

While cryptocurrency uses blockchain to provide a record of every transaction, the hackers used a process called “layering,” quickly moving funds from wallet to wallet to help conceal their transaction record, giving them time to liquidate the assets before they were caught.

“North Korea’s Lazarus Group is the most sophisticated and well-resourced launderer of cryptoassets in existence, continually adapting its techniques to evade identification and seizure of stolen assets,” blockchain analytics firm Elliptic wrote in a blog post. “The transparency of blockchains means that this transaction trail can be followed, but these layering tactics can complicate the tracing process, buying the launderers valuable time to cash-out the assets.”

While some of the assets have already been seized, the massive scale of the theft made it difficult for authorities to locate all the stolen assets.
