A major crypto heist linked to North Korean hackers resulted in the theft of $1.5 billion from Bybit. Analysts at Elliptic link the attack to the Lazarus Group and indicate substantial losses attributed to North Korean cybercrime, with Bybit offering a bounty for recovery. Cryptocurrency values fell sharply post-hack, reflecting the ongoing risk in the digital asset market.
The largest cryptocurrency theft to date, amounting to approximately $1.5 billion, has been attributed to a North Korean cybercriminal group. On February 21, 2025, the Dubai-based exchange Bybit experienced a significant security breach, leading analysts from Elliptic to uncover malware that facilitated illegal transactions. The Lazarus Group, linked to North Korea, is believed to be behind this incident due to the laundering patterns observed in the stolen assets.
Since 2017, North Korean hackers have allegedly pilfered over $6 billion in cryptocurrencies, reportedly financing the nation’s ballistic missile program using these illegal proceeds. While Bybit’s CEO, Ben Zhou, assured stakeholders about the exchange’s solvency, as of now, only a small portion of the stolen assets has been traced. To incentivize recovery efforts, Bybit has established a $140 million bounty for those who can help freeze or trace the stolen assets.
Following the hack, the prices of Bitcoin and other cryptocurrencies dropped sharply, reflecting market volatility. Despite this decline, Bitcoin’s value has experienced considerable growth since the pro-crypto policies introduced during Donald Trump’s presidency. According to blockchain analysis by Chainalysis, cryptocurrency theft peaked in 2022 at $3.7 billion, with subsequent declines in 2023 and moderate increases in 2024.
Chainalysis highlights that North Korea is a significant player in hacking, accounting for around 20% of all hacking events in 2024, with groups like Lazarus and Kimsuky reportedly responsible for up to $660 million in thefts across 20 incidents last year. These groups utilize sophisticated methods, including advanced malware and social engineering, to conduct thefts aimed at financing the regime and bypassing international sanctions.
Historical data from Chainalysis outlines previous major cryptocurrency hacks, including the Ronin Network hack worth $625 million in March 2022, the $611 million theft of Poly Network in August 2021, and several others leading back to early breaches like the Mt. Gox hack in 2011.
The article outlines the largest cryptocurrency heist attributed to North Korean hackers, detailing the methods used and the significant financial implications. Bybit’s response through bounty offerings reflects an industry grappling with security challenges, while the broader trend of cyber theft in cryptocurrency highlights the persistent risks facing digital finance. As North Korea’s malicious cyber activities continue to evolve, the cryptocurrency landscape must adapt to safeguard assets.
Original Source: news.sky.com