North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit | The Record from Recorded Future News

The suspected North Korean hackers behind the theft of more than $1 billion from crypto platform Bybit have completed the initial stage of laundering the funds. Experts from multiple blockchain security companies said Monday that the hackers were able to move all of the stolen ETH coins to new addresses, the first step taken before the funds can be laundered further.

Ari Redbord, a senior official at TRM Labs, told Recorded Future News that the laundering process relied heavily on decentralized finance (DeFi) tools that helped obscure the origins of the stolen assets. “This rapid laundering suggests that North Korea has either expanded its money laundering infrastructure or that underground financial networks, particularly in China, have enhanced their capacity to absorb and process illicit funds,” Redbord said. TRM Labs has tracked previous thefts by North Korean actors and found a similar playbook, where the hackers use DeFi platforms to convert funds into Bitcoin before using mixers to obfuscate the source of the cryptocurrency.

Experts at another blockchain security firm, Elliptic, said the North Korean group was forced to pause the laundering process on Friday because the service they were using, eXch, couldn’t handle the volume of transactions.

Last week, the FBI attributed the attack on Bybit to a well-known North Korean group known as TraderTraitor or Lazarus, and urged the cryptocurrency community to help contain the $1.4 billion in cryptocurrency stolen from the exchange. “TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,” the FBI alert said.

North Korea’s Lazarus Group has stolen billions worth of cryptocurrency over the last 9 years, with blockchain monitoring firm Chainalysis saying hacking groups connected to North Korea’s government stole $1.34 billion worth of cryptocurrency across 47 incidents in 2024. The Bybit attack is the largest crypto hack of all time, far surpassing previous headline-grabbing thefts of more than $600 million from DeFi platforms like Ronin Network and Poly Network.

The Dubai-based Bybit has launched a recovery bounty program and offered 10% of the recovered funds to anyone who helps in tracing and freezing the stolen cryptocurrency. TRM Labs said about 77% of the funds are still traceable and they are working alongside other blockchain security firms to help stop the money from being laundered further.

This Cyber News was published on therecord.media. Publication date: Tue, 04 Mar 2025 18:10:19 +0000

