U.S. Accuses North Korea of Historic $1.5 Billion Crypto Heist
February 27, 2025 – In a significant development in the world of cybersecurity and cryptocurrency, the U.S. Federal Bureau of Investigation (FBI) on Wednesday accused North Korea of orchestrating a cyber heist that resulted in the theft of $1.5 billion worth of digital assets. This incident, which occurred last week, constitutes the largest cryptocurrency heist in history.
Details of the Heist
The high-profile theft targeted the Dubai-based cryptocurrency exchange Bybit, which reported that approximately 400,000 Ethereum was stolen during a security breach. Bybit disclosed that attackers managed to exploit vulnerabilities in the exchange’s security protocols during a transaction, facilitating the unauthorized transfer of these assets to an unidentified digital address.
In a public service announcement, the FBI confirmed that North Korea’s government was behind the notorious crime. “(North Korea) was responsible for the theft of approximately $1.5 billion in virtual assets from cryptocurrency exchange, Bybit,” the bureau stated.
The Role of the Lazarus Group
The FBI identified the culprits as a group it tracks as TraderTraitor, more widely known as the Lazarus Group. Long infamous for cybercriminal activity, the Lazarus Group has been linked to numerous high-profile hacks. The FBI indicated that the group was already taking steps to convert some of the stolen assets into Bitcoin and other cryptocurrencies, allegedly dispersing them across thousands of digital addresses on multiple blockchains. The bureau cautioned that these assets are likely to undergo further laundering before being converted into traditional fiat currencies.
A History of Cyber Crimes
The Lazarus Group first gained notoriety nearly a decade ago for its involvement in a hack against Sony Pictures, carried out in retaliation for the release of “The Interview,” a satirical film that depicted North Korean leader Kim Jong Un. The group was again in the spotlight for its role in the 2022 theft of $620 million in Ethereum and USD Coin from the Ronin Network, an incident that stood as the largest crypto theft on record until the current heist.
In December of the previous year, both the United States and Japan implicated the group in the theft of over $300 million worth of cryptocurrency from the Japan-based exchange DMM Bitcoin.
North Korea’s Cyber-Warfare Capabilities
North Korea’s cyber-warfare initiatives have evolved significantly since the mid-1990s, with the country being dubbed "the world’s most prolific cyber-thief" by various cybersecurity experts. A U.S. military report from 2020 estimated that North Korea has established a cyber-warfare unit composed of around 6,000 members, known as Bureau 121, operating out of several countries.
A United Nations panel investigating North Korea’s circumvention of international sanctions recently estimated that the regime has stolen over $3 billion in cryptocurrency since 2017. According to the panel, the profits from these cybercrimes are reportedly funneled into the country’s nuclear weapons program.
Conclusion
As authorities continue to investigate the ramifications of this historic theft, the implications for the cryptocurrency market and international relations could be significant. The FBI’s allegations highlight the ongoing challenge posed by state-sponsored cyber-crime, particularly from North Korea, as the global community grapples with the intersection of digital finance and national security.
This unfolding situation warrants close attention from regulators, cybersecurity experts, and cryptocurrency exchanges alike as the scale and impact of such cyber-crimes continue to evolve.