On February 21st, one of the largest hacks of a centralized #exchange occurred: nearly $1.4 billion in ETH was stolen by #hackers from one of the platform's wallets. How did this happen, and what are the hackers doing with this money? Let's explore.
On Friday, February 21, #blockchain researcher "ZachXBT" reported on his main social networks that there were some very suspicious money outflows from the By...bit Exchange.

Later, the CEO of the centralized exchange, Ben Zhou, indicated in an official announcement that one of the Exchange's cold wallets was carrying out routine transactions, and during one of those transfers the hackers managed to gain access to the platform's user interface (through a previous phishing attack), which allowed them to replace the multi-signature wallet's implementation contract with a malicious version. This is how the attackers obtained the permissions they needed to start processing unauthorized fund transfers.

As a result, hackers gained control of the hardware wallet and were able to steal nearly $1.4 billion in assets.
This incident is now considered one of the biggest cryptocurrency thefts of all time.

It is now known that the hackers behind this theft are the North Korean Lazarus Group.

Who are the Lazarus Group?
The Lazarus Group is a collective of sophisticated hackers from North Korea who work very carefully until they achieve their goal. They are nothing new in the #crypto ecosystem, since in the past they were responsible for other thefts from various platforms. The Lazarus Group was behind the hacks of:
- Axie Infinity: $625 million
- Harmony Bridge: $100 million
- Atomic Wallet: $100 million
- Stake: $41 million
- Alphapo hot wallet: $60 million
- WazirX: $230 million

Now, after the theft of ETH from the centralized Exchange, this group of hackers is considered one of the largest ETH holders, since they own around 0.42% of ETH.
Once the funds were stolen, the next step for this group of hackers was to move and launder the money, trying to erase any trace. Hackers have applied this tactic in the past through cryptocurrency mixers and DeFi platforms without KYC, among other options.

What did the centralized exchange do after the hack?
Following the incident, the exchange's CEO, Ben Zhou, came out to calm the waters, explaining the procedure for returning the stolen ETH and preventing false rumors from spreading. Transactions on the centralized exchange were not frozen or stopped, which made its users feel more at ease if they wanted to withdraw.
In addition, in order to return the ETH stolen from its customers, the Exchange had to replenish it somehow. That is why the platform started receiving loans from other centralized Exchanges and/or whales, as well as buying ETH (OTC), to have what it needed. It is now known that it has already paid off its loans without interest.

Investigation is still pending: reports from security companies are awaited to find out how the centralized Exchange's wallets could have been breached, as is the intervention of regulators to find out whether clients' funds are completely safe on the platform. There is also the need to follow the trail of the stolen funds, in order to freeze them or fully identify them so that they cannot be moved. In the crypto market you never get bored. Be safe.