The United States Federal Bureau of Investigation (FBI) has accused North Korea of orchestrating the largest cryptocurrency theft in history, stealing an estimated $1.5 billion from the Dubai-based Bybit cryptocurrency exchange. The heist, first reported last week, underscores the growing concerns over state-sponsored cybercrime and the vulnerability of digital financial systems.

According to the FBI’s statement on February 26, the attack exploited Bybit’s routine process of transferring funds between digital wallets. Hackers reportedly compromised the system when funds were moved from an offline cold wallet to an online hot wallet, ultimately seizing approximately 401,000 Ethereum tokens. These tokens, valued at around $1.5 billion, were funneled into an unidentified address. The FBI noted that the stolen assets were quickly dispersed across thousands of blockchain addresses, making recovery efforts increasingly difficult.

The attackers utilized a malware suite known as ‘TraderTraitor,’ which masquerades as a legitimate cryptocurrency trading tool or job recruitment software. Once installed, the malware allows hackers to gain unauthorized access to financial systems, extract funds, and reroute them into illicit accounts. The FBI did not specify which North Korean group was responsible for the attack, but similar tactics have previously been attributed to the infamous Lazarus Group.

Bybit has since disclosed that the hack was carried out through a “sophisticated attack that masked the signing interface.” The attackers altered the underlying smart contract logic while displaying the correct address, effectively deceiving security protocols and bypassing standard safety measures.

Western intelligence agencies have long accused North Korea of utilizing cybercrime to finance its weapons programs and evade international sanctions. North Korean hacking groups, including........

© Blitz