Bybit Hack: Is Lazarus Group Behind the Biggest Crypto Heist in History?
The recent attack on Bybit has shaken the cryptocurrency world, with over $1.5 billion in assets stolen. Research suggests that notorious North Korean hacker Park Jin Hyok could be behind the heist.
Who is Park Jin Hyok?
This hacker has been accused by the US of several high-profile cyberattacks, including:
WannaCry, the ransomware that affected thousands of computers in 2017.
The hack of Sony Pictures, in representation of the film The Interview.
The robbery of the central bank of Bangladesh, where $81 million was extracted.
He is also linked to Chosun Expo Joint Venture, a group associated with the infamous Lazarus Group.
What is the Lazarus Group?
This is a hacking collective allegedly backed by North Korea, active since 2010 and responsible for multiple cyberattacks globally. Among their largest thefts are:
Ronin Bridge (Axie Infinity) – $625 million
Harmony Bridge – $100 million
Atomic Wallet – $100 million
Stake – $41 million
Alphapo Active Wallet – over $60 million
WazirX – $230 million
The method of the Bybit attack
Instead of making a normal transfer, the attackers modified the logic of the Bybit cold wallet smart contract. This allowed them to take full control and drain the entire ETH balance to an unknown address.
Bybit has confirmed that the attack was limited to a single wallet, but forensic investigation, based on test transactions, wallet tracking, and time-lapse charts, has revealed similarities to tactics previously used by the Lazarus Group.
What's next?
Authorities and cybersecurity experts are analyzing the data to track the stolen funds and determine next steps. In the meantime, the crypto community remains vigilant against this threat in
evolucon