How the Lazarus group orchestrated its $1.5B cryptocurrency heist

North Korean hackers who are allegedly part of the Lazarus group executed the largest cryptocurrency heist in history, stealing $1.5 billion from the cryptocurrency exchange firm Bybit in an attack that showcased advanced tactics employed by state-sponsored cybercriminals, according to TechRepublic.

The attack unfolded in four key phases.

First, Lazarus likely used spear phishing to gain access to Bybit's user interface and cold wallet signers by targeting key personnel. This enabled the hackers to create a seemingly legitimate transaction to transfer cryptocurrency from Bybit's secure Ethereum cold wallet to a hot wallet.

During the transfer, the attackers intercepted the transaction, rerouting approximately 401,000 Ethereum coins worth around $1.46 billion to their own wallet.

Next, the stolen funds were moved through various wallets and partially converted into Bitcoin and Dai using decentralized exchanges to avoid detection.

Finally, the group retained much of the stolen cryptocurrency, possibly waiting for the heightened scrutiny to subside before laundering the remaining assets.

Bybit responded to the breach by launching investigations, collaborating with blockchain analysts, and recovering over $40 million. The company secured additional funds to restore its asset holdings to 100%.

The attack underscores the critical need for strong security awareness training, as even sophisticated security systems can be undermined by human error.
