FBI Accuses North Korean-Linked Hackers of Major Cryptocurrency Theft Valued at $1.5 Billion
By Jon Gambrell, Associated Press
February 27, 2025, 2:13 AM EST
ROME — The Federal Bureau of Investigation (FBI) has accused a group of hackers with ties to North Korea of orchestrating one of the largest known thefts of cryptocurrency, involving approximately $1.5 billion worth of ethereum. This major cybersecurity incident targeted Bybit, a prominent cryptocurrency exchange based in Dubai, and marks a significant breach in the evolving landscape of digital finance.
The Attack and Accusations
In an online public service announcement issued late Wednesday, the FBI detailed its suspicions regarding the hackers, identifying them by the aliases TraderTraitor and the Lazarus Group. The FBI’s statement explained that the hackers employed malicious tactics, disseminating modified cryptocurrency trading applications that contained malware specifically designed to facilitate the theft of digital assets.
“TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,” the FBI noted. The agency warned that these assets are likely to be laundered and eventually converted to fiat currency, which presents ongoing challenges for law enforcement.
North Korea’s Cyber Operations
Despite the severity of the accusations, North Korean state media has yet to comment on the theft or the FBI’s claims. The North Korean mission to the United Nations in Geneva did not respond to requests for comment from Associated Press.
According to South Korea’s intelligence agency, North Korea has been implicated in stealing an estimated $1.2 billion in cryptocurrency and other virtual assets over the past five years. This illegal activity appears to be a vital source of foreign currency for the economically-strained nation, helping to support its nuclear ambitions while facing stringent United Nations sanctions and strict border closures implemented during the COVID-19 pandemic.
A panel of experts with the United Nations has reported investigating 58 cyberattacks attributed to North Korea from 2017 to 2023, which collectively resulted in the theft of around $3 billion aimed at funding the country’s development of weapons of mass destruction.
Bybit’s Response
In light of the FBI’s announcement, Bybit’s co-founder and CEO, Ben Zhou, acknowledged the situation on social media platform X. Zhou linked to a website that is offering a total of $140 million in bounties for information leading to the tracking and freezing of the stolen assets by other cryptocurrency exchanges.
Bybit has stated that the theft resulted from a "manipulated" routine transfer of ethereum from a "cold" or offline wallet, which was exploited by the attacker to redirect the cryptocurrency to an unidentified address. Blockchain analytics firm Certik has deemed this breach the largest in the history of blockchain transactions.
Market Impact
The ramifications of the theft have reverberated through the cryptocurrency market, causing a dip in overall crypto prices. Investors have expressed concern as the market absorbed the implications of the hack. Despite an overall boost from political developments such as the election of U.S. President Donald Trump, Bitcoin, a leading cryptocurrency, saw its price decrease to around $82,000 per coin, down from a high of over $100,000 just a month prior.
As the situation develops, the intersection of cybersecurity, international relations, and financial markets continues to raise questions about the vulnerabilities inherent in the cryptocurrency ecosystem and the lengths to which state-sponsored actors will go to fund their initiatives.
Share this article:
