When Cyber Thieves Go Wild: The Lazarus Group Strikes Again! 💰💻

In the shadowy realms of cyberspace, where the digital winds howl like a banshee, the notorious Lazarus Group, a North Korean cybercrime syndicate, has once again cast its long, ominous shadow. The latest whispers of onchain evidence suggest they are the masterminds behind the audacious $1.4 billion heist at Bybit and the more modest, yet equally brazen, $29 million raid on Phemex. Who knew that stealing digital assets could be such a lucrative hobby?

On that fateful day of February 21, the Bybit exchange was besieged, resulting in the largest crypto theft in history. Over $1.4 billion in liquid-staked Ether (stETH), Mantle Staked ETH (mETH), and a cornucopia of ERC-20 tokens vanished into the ether—pun intended! The audacity of it all! 🎩💸

Blockchain sleuths, including the ever-watchful Arkham Intelligence and the intrepid ZachXBT, have traced the digital breadcrumbs back to the Lazarus Group. It seems they have a penchant for leaving a trail of breadcrumbs that even Hansel and Gretel would envy.

But wait, there’s more! New revelations have emerged, linking the same wallets involved in the Bybit debacle to the earlier $29 million Phemex hack. It’s like a twisted family reunion of cybercriminals, all gathered around the digital campfire, sharing tales of their exploits.

According to the latest onchain data, Phemex’s hot wallets were drained through a staggering 125 transactions across 11 blockchain networks. It’s as if the hackers were playing a game of digital whack-a-mole, but instead of moles, they were whacking wallets! And just to make things more interesting, they started converting their ill-gotten gains into Ether (ETH) using crypto mixing protocols like Tornado Cash. Because why not make it harder for the authorities to trace their tracks? 😂

The Bybit hack alone accounts for more than half of the $2.3 billion stolen in crypto-related hacks in 2024. Talk about a significant setback for the industry! It’s like a bad hangover after a night of too much digital partying.

Meir Dolev, co-founder and chief technical officer at Cyvers, noted that this attack bears a striking resemblance to the $230 million WazirX hack and the $58 million Radiant Capital hack. Apparently, the Ethereum multisig cold wallet was compromised through a deceptive transaction, tricking signers into unknowingly approving a malicious smart contract logic change. It’s like a digital magic trick gone horribly wrong!

“It seems that Bybit’s ETH multisig cold wallet was compromised through a deceptive transaction that tricked signers into unknowingly approving a malicious smart contract logic change.”

With this sleight of hand, the hacker gained control of the cold wallet and transferred all ETH to an unknown address. Bravo! 👏

The Lazarus Group: The Gift That Keeps on Giving (or Stealing)

The Lazarus Group, the North Korean cybercriminals, are the prime suspects in some of the most infamous hacking incidents, including the $600 million Ronin network hack and the $230 million WazirX exchange heist. They’ve been busy little bees, stealing over $1.34 billion worth of digital assets across 47 incidents in 2024 alone—a staggering 102% increase from the $660 million pilfered in 2023, according to Chainalysis data. Who knew crime could be so profitable?

This nefarious activity accounted for a whopping 61% of the total crypto stolen in 2024. The United States, Japan, and South Korea have issued a joint warning, cautioning about the growing threat of North Korean hackers targeting the crypto industry. It’s like a digital game of cat and mouse, but the cat is armed with a keyboard and a penchant for chaos.

Over the past year, these digital marauders have also been linked to the $305 million DMM Bitcoin hack, the $50 million Upbit hack, the $50 million Radiant Capital hack, and the $

2025-02-22 14:36

The Lazarus Group: The Gift That Keeps on Giving (or Stealing)

Read More