North Korean hackers who orchestrated a billion-pound cryptocurrency heist have successfully cashed out over £232,000,000 of their loot.
The hackers, known as the Lazarus Group, pulled off the biggest heist in history during a raid on crypto exchange ByBit two weeks ago, which saw them plunder £1.1 billion’s worth of digital currency Ethereum, the second most valuable cryptocurrency after Bitcoin.
Since then, law enforcement agencies have been engaged in an intense cat-and-mouse game with the hackers as they seek to reclaim the stolen cryptocurrency before it is converted into untraceable currency.
‘Every minute matters for the hackers who are trying to confuse the money trail and they are extremely sophisticated in what they’re doing,’ said Dr Tom Robinson, co-founder of crypto investigators Elliptic.
North Korea has a reputation of being among the best crypto launderers in the world, he added, and said the odds of tracking down the stolen assets was incredibly slim.
‘I imagine they have an entire room of people doing this using automated tools and years of experience,’ he told the BBC. ‘We can also see from their activity that they only take a few hours break each day, possibly working in shifts to get the crypto turned into cash.’
It is thought around 20% of the stolen crypto has already ‘gone dark’, meaning it is unlikely to ever be recovered.
ByBit CEO Ben Zhou has assured customers the rest of their funds are safe, and the company has replenished the stolen funds with loans from investors.
The company has since ‘declared war’ on Lazarus and announced a bounty programme to encourage people to track down and report the stolen crypto.
All crypto transactions are displayed publicly on a blockchain, which means it is technically possible to track the money as it is moved around by the Lazarus Group.
If the hackers try to convert the crypto into cash using conventional means, the stolen coins can be frozen and returned to their owner.
But due to North Korea’s closed economy, in which the vast majority of cash is funneled into the government, tracking down the transactions could be more difficult.
So far the initiative has paid out £4,000,000 in rewards to 20 individuals, although authorities are pessimistic about recovering the majority of the loot.
The Lazarus Group has been linked to a series of high-profile crypto heists in recent years, including:
- A $41m hack on UpBit in 2019
- A $275m attack on KuCoin in 2020 (with most funds recovered)
- The $600m Ronin Bridge hack in 2022
- A $100m theft from Atomic Wallet in 2023
Despite mounting evidence suggesting otherwise, Pyongyang has consistently denied any association with the Lazarus Group.
In 2020, the US added North Koreans accused of being part of the group to its Cyber Most Wanted list.
But the chances of the individuals ever being arrested are extremely slim unless they leave their country.
Get in touch with our news team by emailing us at [email protected].
For more stories like this, check our news page.
