North Korea Crypto Hackers Steal Record $1.5 Billion

Written by Chriss W. Street

The $3.7 trillion global crypto-currency market was trending down over the last month, before plunging this morning as market participants learned that Ethereum block chain customer “cold digital wallets” were hacked and robbed in a record $1.5 billion hack by The Lazarus Group of North Korea.

Bitcoin was launched as the first crypto-currency in 2008 at a value of $1. Over the next 16 years, each Bitcoin unit rose to over $109,0000 on the evening before President Trump 47 took office January 20, 2025.

Crypto advocates claim that global customer reliance on the electronic blockchain’s distributed ledger linked together via cryptographic hashes provides the ultimate financial asset ownership security and privacy.

But it was just announced that hackers exploitedDubai-based Bybit Exchange on February 21, 2025 to wipe out customer wallets, supposedly due to a flaw in the exchange’s multi-signature value approval processthat tricked Bybit internal management into authorizing enterprise access.

The scale of the hack, coupled with none of the redundant security features of the blockchain and the respected Bybit Exchange flagged any enterprise compromise, set off klaxon horns across the planetregarding potential imbedded risk in even the most secure crypto infrastructure.

Bybit’s Ethereum cold wallet employed multi-signatures for secure storage of Ether (ETH) and related tokens. Bybit’s CEO, Ben Zhou explained that the attack was launched during a routine transfer from the firm’s cold wallet to a customer hot wallet. By manipulating the wallet’s user interface as seen by the company’s signing team, the transaction appeared to bein standard form to Bybit internal approval system and staff –– but in reality it had been altered to enable the thieves to seamlessly withdraw all assets.

A series of Bybit credentialed personnel, including CEO Zhou, digitally initialized authorization for what appeared to be a legitimate transfer to a hot wallet. But once hackers had an authorization code, they gainedwallet control to transfer about 401,000 ETH and a number of ERC-20 tokens to a hacker controlled address.

Bybit is claiming they immediately disclosed the hack and that only one Ethereum wallet was compromised, which would mean all other Bybit Exchange cold and hot wallets are still secure.

A global manhunt for “Bybit Exploiter Feb 2025” was launched that included law enforcement and blockchain forensic analysts.

TRM Labs has now alleged with high confidence that the culprits are part of the notorious North Korea hacker gang called ‘The Lazarus Group,’ due to substantial overlaps observed between a number of North Korean hacks that stole about $800 million last year.

As a sign of confidence, Bybit management stepped-up to acquire $740 million worth of ETH on Sunday evening. The bold move caused the world’s second largest crypto-currency open higher on Monday morning.

But a half hour into trading, Ethereum ETH was hit with massive waves of relentless selling. ETH finished the day down -$276.43 to $2,561.26, for a loss of -9.8%.