Impressive record...
North Korea, '1.5 billion dollar scale Bitvibt hack' Cryptocurrency revenue of hundreds of millions of dollars
Photo source,Getty Images
Last month, a record $1.5 billion (approximately 2.18 trillion won) worth of cryptocurrency was stolen by the hacker group 'Lazarus Group,' and they have successfully laundered at least $300 million.
The Lazarus Group is a hacker organization known to be linked to the North Korean regime. Two weeks ago, they hacked cryptocurrency exchange 'Bitvibt' and stole a massive amount of cryptocurrency.
Since then, there has been a cat-and-mouse chase to prevent the hackers from laundering the stolen cryptocurrency.
Experts say that this infamous hacker group is operating almost 24 hours a day. This could potentially flow into North Korea's military development funds.
"Every moment is crucial for hackers trying to disrupt money tracking," said Dr. Tom Robinson, co-founder of Elliptic, a cryptocurrency research firm. "They are moving very sophisticatedly."
He pointed out that North Korea is by far the most skilled at money laundering among all cryptocurrency criminals.
"North Korea likely has numerous individuals dedicated solely to this task, equipped with automated tools and years of experience. Their movements suggest they work in shifts, taking only a few hours of rest each day to launder cryptocurrency."
Bitvibt estimates that 20% of the funds have been "halted," meaning they are unlikely to be recovered.
The United States and its allies have accused North Korea of using dozens of hacks in recent years to finance the regime's military and nuclear development.
This incident occurred on March 21st when the Lazarus Group hacked into one of Bitvibt's suppliers and secretly changed the digital wallet address where 401,000 Ethereum (ETH) was to be sent.
Bitvibt thought it was transferring the funds to its own digital wallet, but all of them were sent to the hackers.
Photo credit,Getty Images
Photo description,Ben Zhou, CEO of Bybit, is hoping to recover at least some of the stolen cryptocurrency, even offering a reward
Ben Zhou, CEO of Bybit, emphasized that customer funds were not stolen.
Bybit is then buying up the lost Ethereum using investor loans, but according to CEO Zhou, they are "at war with Lazarus".
Bybit has placed a bounty on Lazarus to encourage the public to track and freeze the stolen funds.
Since all cryptocurrency transactions are revealed on the public blockchain, there is a possibility of tracking Lazarus when they attempt to move the funds.
If Lazarus hackers attempt to use mainstream cryptocurrency services to convert coins to fiat currency like dollars, the service providers can freeze the cryptocurrency if they suspect criminal involvement.
So far, 20 people have received over $4 million in rewards for successfully identifying $40 million of the stolen funds and warning cryptocurrency companies to halt transactions.
However, experts are not optimistic about the possibility of recovering the remaining funds, considering North Korea's expertise in hacking and money laundering.
Dr. Dorit Dor of cybersecurity firm 'Check Point' pointed out, "North Korea has built a hacking and successful money laundering industry with a very closed system and economy," adding "Moreover, they don't care about negative perceptions of cybercrime."
Another issue is that not all cryptocurrency companies are willing to cooperate.
The cryptocurrency exchange 'eXch' is facing criticism from Binance and other exchanges for allegedly failing to stop hackers from withdrawing funds. Over $90 million was successfully moved through the exchange.
However, eXch owner John Roberts refuted these claims in an email.
Roberts acknowledged that eXch had a long-standing dispute with Binance and initially did not halt the funds because they were unsure if the coins were from hacking proceeds. He stated that they are currently cooperating.
However, he argued that mainstream cryptocurrency companies are giving up the privacy and anonymity advantages of cryptocurrencies by identifying customers.
Image source,FBI
Image caption,Park Jin-hyeok is believed to be one of the members of the 'Lazarus Group'
Meanwhile, North Korea has never acknowledged being behind the Lazarus Group, but it is widely considered to be the only country that systematically hacks for financial gain.
The Lazarus Group previously targeted banks, but in the past five years, it has focused on attacking cryptocurrency businesses.
The cryptocurrency industry lacks sufficient anti-money laundering measures, making it relatively vulnerable.
Recent hacking cases linked to North Korea include:
- 2019 Upbit hack, $41 million
- KuCoin cryptocurrency theft of $275 million (most funds recovered)
- Ronin Bridge cryptocurrency theft of $600 million in 2022
- Atomic Wallet cryptocurrency theft of approximately $100 million in 2023
In 2020, the United States added North Korean individuals suspected of being part of the Lazarus Group to its cyber wanted list. However, as long as they remain in North Korea, their chances of arrest are extremely low.