ByBit hackers laundered 499,000 ETH through THORChain in just ten days. Authorities have linked the incident to North Korea.
FBI Confirms North Korean Involvement
The FBI officially linked the ByBit hack to North Korea, attributing the attack to the TraderTraitor actors. The agency stated that portions of the stolen ETH were converted into Bitcoin and other cryptocurrencies. To counter these actions, the FBI called on RPC node operators, crypto exchanges, blockchain analytics firms, DeFi services, and other virtual asset providers to block transactions tied to the stolen assets.
How the Hack Happened
ByBit confirmed that the hack took place during a routine transfer of Ethereum from an offline 'cold' wallet to a 'warm' wallet used for daily trading activities. The attacker exploited security vulnerabilities to access the funds and transferred them to an unknown address. The hacker employed a complex laundering strategy involving intermediary wallets, decentralized exchanges, and cross-chain bridges. THORChain played a major role in the process, sparking controversy within its community.
Efforts to Recover the Stolen Funds
ByBit is actively seeking to recover the stolen funds, offering a 10% bounty for any recovered amounts. This attack heightens concerns about North Korean cyber operations targeting the crypto sector. Agencies like Elliptic have flagged over 11,000 wallet addresses linked to the attack.
The hackers laundered $1.39 billion through THORChain, with possible North Korean involvement.
