Blockchain -Analytic Company Arkham Intelligence said North Korea’s Lazarus group was behind Bybits Hack of $ 1.46 billion that Onchain Sleuth Zachxbt identified.
In a previous post on Social Media Platform X, Arkham offered a bounty of 50,000 ARKM -Tokens to anyone who could identify attackers for Friday’s hack. Later, the platform said that Zachxbt provided “definitive proof” that attackers were the North Korean hacker group.
“His submission included a detailed analysis of test transactions and connected wallets used in front of the utilization, as well as several forensic graphs and timing analyzes,” the post said.
Read more: Bybit loses $ 1.5B in hack but can cover losses, confirms CEO
The hack, which shook the crypto market and saw most awards tumbled, was called “Biggest Cryptot theft over time, by some margin” by Elliptics Tom Robinson, co -founder and chief scientist. “The next biggest cryptotft would be the $ 611 million stolen from Poly Network by 2021. In fact, it may even be the biggest single theft of time.”
Blockchain data provider Nansen told Coindesk that attackers first drew nearly $ 1.5 billion value of funds from the exchange to a main wallet and then distributed them to several wallets. “Originally, the stolen funds were transferred to a primary wallet, which then distributed them over more than 40 wallets,” Nansen said. “The attackers converted all Steth, Cmeth and Meth to ETH before systematically transferred ETH in $ 27 million steps to over 10 extra wallets,” Nansen said.
The attack seemed to be caused by something called “blind signing”, where a smart contract transaction is approved without extensive knowledge of its content. “This attack vector quickly becomes the preferred form of cyber attack used by advanced threat players, including North Korea. It’s the same type of attack used in the brilliant capital of capital and Wazirx incident,” Blockchain Security Firm Blockaid’s CEO IDO Ben Natan said.
“The problem is that even with the best key handling solutions today, most of the signing process is delegated to software boundary surfaces that interact with DAPPS. This creates a critical vulnerability – it opens the door to malicious manipulation of the signing process, which is exactly what happened in this attack , “He said.
Bybit’s CEO Ben Zhou earlier on X wrote that a hacker “took control of the specific Eth Cold Wallet and transferred Al ETH in the cold wallet to this unidentified address.” He also confirmed that the exchange “is solvent even if this hackt loss is not restored.”
Oliver Knight contributed to the reporting of this story
Read more: Bitcoin, Ether Slump, then Crypto Price Dip On Report of Massive $ 1.5 B Bybit Hack
