North Korea steals $1.5bn as it pulls off world’s biggest ever heist
North Korea steals $1.5bn as it pulls off world’s biggest ever heist
State-backed North Korean hackers have stolen $1.5bn (£1.2bn) of cryptocurrency in the largest heist in history.
The hackers stole more cryptocurrency in one attack than all the funds stolen by North Korean cyber criminals in 2024, when the rogue state’s cyber attackers made off with around $1.3bn in digital coins, according to cryptocurrency analysts Chainalysis.
Crypto once again showing why it’s either just a casino with extra steps or a way to buy drugs rather than a serious solution for any currency or real world transactions.
It’s so amazing and digital and modern and easy to steal.
Specifically too it's very easy to steal in bulk. Sure scamming grandma and grandpa out of their life savings has way fewer safeguards with crypto than with fiat currency, but it's absolutely still possible without crypto and happens all the time. This is the monetary equivalent of stealing nearly 16,000 kg of gold – something unthinkable with fiat currency.
Though someone did steal 3,000 kg of gold one time.
Are there crypto scams? yes, and plenty of them. Can you buy drugs with them? sure (and I thinks that's great!) Do either of the above statements get at the core issue here? not at all.
The issue here is not with the crypto itself. The issue here is the same issue that is regularly a problem anywhere software is deployed, digital security. The take away here is that many (all?) crypto exchanges are failing to properly secure their systems. Which is why the general rule that anybody investing in crypto should follow is never keep crypto in an exchange wallet unless you plan on trading it in the very short term. As an extension of that rule, you should never keep your crypto in a wallet that you don't hold the private keys for. If you don't have the private key for the wallet, it's not your wallet. Not your wallet, not your crypto.
The take away here is that many (all?) crypto exchanges are failing to properly secure their systems.
When your adversary is a nation-state with an actual army of hackers that can work 24/7 and deploy 0-days, it's hard to say for sure the exchange is at fault for not handling security properly. This isn't a lone Kevin Mitnick pulling a stunt, this is literal cyber warfare.
i feel the issue is with crypto
I would say it is specifically a problem with crypto, i addition to what you said.
you wouldn't be able to do the above with a bank. They'd just make the transaction not to have happened.
with crypto, e.g. btc, you'd have to convince 2-3 of the big mining pools to undo the transction, so random private actors. and it undo all other transactions done as well.
maybe that it happens is not due to crypto. That it cant be remedied is certainly because crypto.
Yeah, but crypto bros specifically told me "Blockchain! Anonymous cryptographic fungible NFT AI!"
Love me a fungible non fungible token
Wait till you learn about USD
North Korea's GDP would technically be up 5% from this. Great success.
Doesn't cagr though.
Looks like hexbear will be funded after all
You joke, but it looks like they actually did manage to regain their domain. Not sure how.
Last I read, the admin who was a day late in paying Sav for the renewal was actually able to transfer the domain to a different registrar (PorkBun) before Sav's auction of the domain was complete. This maneuver was either something that Sav's auction designers hadn't anticipated, or the auction was compromised because the main bidder (j_s_) was a hexbear user who'd found a way to make unauthenticated bids.
At any rate, I don't think they paid thousands for it.
Sadly I'm afraid Hexbear doesn't get the Xi-bux it rightly deserves, it's even blocked by the great Chinese firewall (thought the reasons aren't clear). I wish the left was as well funded as people claim :(
Isn't it only worth 1.5 billion if you manage to sell it? How would you liquidate this much crypto?
Launder it and slowly sell it off through sock puppets.
They're a nation-state level actor, they have significant resources of their own and solid ties to both China and Russia, who are even more skilled and have even more resources.
Say what you want about North Korea but they're the only one ballsy enough to take care of our right-wingers.
Did Kim steal Musk's jacket?
First of all, I love that this is an AOL link. AOL is still around, eh?
Second, isn't crypto supposed to be trackable in the ledger? How are they hiding that much coin under a new name? That's the whole point of crypto.
Why would they need to hide it?
That's a good point, but I'm not sure that's in crypto's favor. Since we know who now owns the stolen crypto, would someone buy it from them? Who is going to honor it? So, does the exchange just go defunct and everyone is out, or....?
There are ways to clean crypto, by mixing it with other sources. See crypto mixers
Depends on the coin. Bitcoin is more trackable than cash. But privacy coins provide...privacy
Oh I'm sure that'll settle things down. World peace can't be that far away!
Agents from Pyongyang were able to breach the systems of Dubai-based exchange Bybit to steal the digital coin Ether, according to security analysts.
*More
Hackers gained access to Bybit’s internal systems using so-called “phishing” email, which prompted an employee to input their login details to a seemingly legitimate website that was actually compromised.
The hackers were then able to gain access to a so-called “cold wallet” – a supposedly secure cryptocurrency storage device that holds coins offline and away from the internet. When Bybit came to transfer funds from the offline wallet to its online systems, the hackers sabotaged the transfer and stole the funds.
So hot wallets?
No. From the article, phishing to get access to a cold wallet..
Why does any one employee have the ability to unilaterally move this much value? Even in non-malicious circumstances that doesn't seem like a good way of organising a currency?
The article actually doesn't provide any proof it was North Korea. Why do they think it was North Korea?
Probably Israel leaving clues to make it look like DPRK
Any technical juicy deets?
They phished an employee and got cold-wallet access.
Is this the cause of the dip?
I'm sure Trump will give Kim high fives
Can’t people just stop trading that specific coin? Or just say it’s now worth 1$?
This was a targeted attack against a cryptocurrency exchange. The specific crypto happened to be Ethereum (ETH), but more importantly the hackers were able to identify and target the specific employees needed for their multi-signature transactions, and infect their machines with malware to alter the user interface and show different destination wallet addresses. The exchange Bybit has offered a 10% bounty which could earn whitehats up to $140 million for any funds recovered, but I would be very surprised to see huge success with the use of mixers and such.
I'm impressed. As the old Arabic poem goes ليتني كوري شمالي
love that bit about nuclear attack on new york
what's your favorite bit?
The record haul comes as Kim Jong-un, North Korea’s supreme leader, turns to elite units of computer hackers to prop up the Communist dictatorship’s failing economy.
I'm no apologist for NK, but this sentence is glaringly missing a nod to Western sanctions that caused the failing economy. It's mentioned some paragraphs later, but I can't not notice the subtle propaganda.
Are you implying that we should be openly trading with NK and funding their government? Seriously?
Fish that bites its own tail. North Korea is weird as it is because of the isolation imposed on it after the country was quite literally levelled by US bombings. That's the historical and materialist events that gave rise to "juche" ideology in the way North Korea understands it now. I think you'd be pretty scared of outsiders if your country had been as close to literally entirely destroyed as it gets by foreign bombing, and if when you tried to rebuild your economy you had been subjected to an almost complete economic blockade.