North Korea behind $2 billion crypto theft, says FBI
Sign up now: Get ST's newsletters delivered to your inbox
Dubai-based cryptocurrency exchange Bybit reported last week that it had been robbed of US$400,000 in cryptocurrency Ethereum.
PHOTO: REUTERS
Follow topic:
WASHINGTON – The US Federal Bureau of Investigation (FBI) on Feb 26 accused North Korea of being behind the theft of US$1.5 billion (S$2.01 billion) worth of digital assets last week – the largest crypto heist in history.
Dubai-based cryptocurrency exchange Bybit reported last week that it had been robbed of US$400,000 in cryptocurrency Ethereum.
According to the company, attackers exploited security protocols during a transaction, enabling them to transfer the assets to an unidentified address.
On Feb 26, the US government pointed the finger at Pyongyang.
“(North Korea) was responsible for the theft of approximately US$1.5 billion in virtual assets from cryptocurrency exchange Bybit,” the FBI said in a public service announcement.
The bureau said a group called TraderTraitor, also known as the Lazarus Group, was behind the theft.
It said they were “proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains”.
The FBI added: “It is expected these assets will be further laundered and eventually converted to fiat currency.”
Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for The Interview, a film that mocked North Korean leader Kim Jong Un.
It was also allegedly behind the US$620 million heist of Ethereum and USD Coin from the Ronin Network in 2022, previously the biggest crypto theft in history.
In December 2024, the US and Japan blamed it for the theft of cryptocurrency worth more than US$300 million from the Japan-based exchange DMM Bitcoin.
North Korea’s cyber-warfare programme dates back to at least the mid-1990s, and the country has been dubbed “the world’s most prolific cyber-thief” by a cyber-security firm.
Pyongyang’s programme has grown to a 6,000-strong cyber-warfare unit known as Bureau 121 that operates from several countries, according to a 2020 US military report.
A UN panel on North Korea’s evasion of sanctions in 2024 estimated the nation has stolen more than US$3 billion in cryptocurrency since 2017.
Much of the hacking activity is reportedly directed by Pyongyang’s Reconnaissance General Bureau, its primary foreign intelligence agency.
Money stolen helps to fund the country’s nuclear weapons programme, the panel said. AFP
