North Korean hackers have carried out the largest cryptocurrency theft on record, stealing $1.5 billion in a single attack, security analysts told CNN.
The cyberattack targeted Bybit, which claims to be the world’s second-largest cryptocurrency exchange with more than 40 million users.
In mere minutes on Friday, the hackers managed to seize an amount nearly equal to a significant portion of North Korea’s reported annual GDP.
By the weekend, they had already begun laundering approximately $160 million of the stolen funds through various accounts linked to North Korean operatives, according to crypto-tracing firm TRM Labs.
The firm added that this single hack nearly doubled the total amount of crypto stolen by North Korean hackers last year.
This incident poses an early challenge for the Trump administration as it seeks to prevent North Korea from using cybercrime to finance its nuclear and missile programs.
“We’ve never seen anything on this scale before,” said Nick Carlsen, a former FBI intelligence analyst specializing in North Korea, now working at TRM Labs.
“The ability of these illicit financial networks to absorb such huge amounts of money so quickly is deeply concerning.”
North Korea’s elite hacking units serve as a crucial revenue source for the heavily sanctioned regime, according to both current and former officials from the U.S. and South Korea.
Reports from the United Nations and private cybersecurity firms indicate that North Korean hackers have stolen billions from financial institutions and cryptocurrency platforms in recent years.
In 2023, a White House official stated that approximately half of North Korea’s missile program funding comes from these digital heists.
Bybit CEO Ben Zhou assured users that the platform remains solvent and can absorb the $1.5 billion loss. In a statement, the company said it was working closely with law enforcement and regulators to address the breach.
The FBI declined to comment on the Bybit attack. CNN has also reached out to the North Korean embassy in London for a response.
Once North Korean hackers execute a major heist, they must funnel the stolen funds back to Pyongyang.
Their laundering strategy typically involves swapping the stolen assets through various forms of digital currency before ultimately converting them into U.S. dollars or Chinese yuan.
Law enforcement agencies in the U.S. and South Korea closely track this process but often have only a few minutes to intervene and seize portions of the stolen assets.
CNN previously reported on a similar operation that recovered $1 million from a $100 million hack targeting a California-based cryptocurrency firm.
Currently, investigators are attempting to recover some of the $1.5 billion stolen from Bybit.
One team of security experts has managed to retrieve approximately $43 million so far, while Tom Robinson, co-founder of crypto-tracing firm Elliptic, noted that an additional $243,000 had been seized. “A drop in the ocean, but a start,” he said.
Bybit has announced a reward, offering 10% of any reclaimed funds to security experts who assist in recovering the stolen assets.
Carlsen, the former FBI analyst, urged stronger measures against North Korea’s hacking operations. “The current strategy from governments and industry clearly isn’t working,” he said.
“People should be going back through the drawing board right now on how to deter and punish North Korea for these hacks.”
Source-CNN
