North Korea appears to have pulled off the world's biggest heist, another worrying sign of the hermit kingdom's growing prowess in cybercrime.
State-backed hackers stole about $1.5 billion from cryptocurrency exchange Bybit last week, according to the FBI. That's more than the largest known bank theft of all time, when Saddam Hussein stole $1 billion from Iraq's central bank on the eve of the 2003 war.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The 'magnum opus'
Just after 2pm on Friday 21 February, a "notorious group of hackers" pulled off what could be "their magnum opus", said The Independent. In just minutes, they stole from one of the world's most popular crypto exchanges and "funnelled" the digital currency "across the internet to anonymous wallets".
Investigators were able to follow the funds in real time using the blockchain – the online ledger of every crypto transaction. They noted a pattern of laundering "closely mirroring a technique" used by The Lazarus Group: one of the world's "most sophisticated hacking operations".
The group, allegedly "backed by North Korea since its inception in 2009", caused "worldwide chaos" in 2017 with the WannaCry ransomware attacks, which infected 200,000 computers across 150 countries – including NHS systems. But this latest theft would be the group's "largest strike to date" – the haul is equivalent to North Korea's entire annual defence budget.
Bybit CEO Ben Zhou has called for a "war against Lazarus", issuing a $140 million bounty to recover the funds. The move, a first for the industry, could mark the beginning of "coordinated global action" to "take down Lazarus".
A 'haven' for hackers
In the past, Pyongyang "relied on its elite hacking cadres to conduct espionage or steal trade secrets", said The Telegraph. Science prodigies are identified at a young age, and "pushed to compete in international maths and programming competitions".
But increasingly, these hackers are being used as "a weapon of economic warfare": a way to "bolster the coffers" of a regime battered by sanctions and the Covid-19 pandemic. And the "virtually unregulated" cryptocurrency industry is a "haven" for hackers.
Attacks by North Korean groups have "plagued the industry for years", said The New York Times.
Last year, hackers linked to the country stole more than $1.3 billion in cryptocurrency: a "dramatic jump" from the $660 stolen in 2023, reported The Guardian, and about 61% of the $2.2 billion stolen globally. The proceeds of The Lazarus Group's "audacious thefts" are believed to have funded the regime's nuclear and missile programmes.
"Hackers linked to North Korea have become notorious for their sophisticated and relentless tradecraft, often employing advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored operations and circumvent international sanctions," Chainalysis said in its report.
These attackers are getting "better and faster at massive exploits".
-
Critics' choice: Outstanding new Japanese restaurantsFeature An all-women sushi team, a 15-seat listening bar, and more
-
Why do Dana White and Donald Trump keep pushing for a White House UFC match?TODAY'S BIG QUESTION The president and the sports mogul each have their own reasons for wanting a White House spectacle
-
'Quiet vacationing': a secret revolt against workplace cultureThe explainer You can be in two places at once
-
Illicit mercury is poisoning the AmazonUnder the Radar 'Essential' to illegal gold mining, toxic mercury is being trafficked across Latin America, 'fuelling violence' and 'environmental devastation'
-
Thailand is rolling back on its legal cannabis empireUnder the Radar Government restricts cannabis use to medical purposes only and threatens to re-criminalise altogether, sparking fears for the $1 billion industry
-
Scattered Spider: who are the hackers linked to M&S and Co-op cyberattacks?The Explainer 'Decentralised and adaptive', the group's mainly English-speaking members operate like an 'organised criminal network'
-
Haitian gangs massacre hundreds accused of 'witchcraft'Under the Radar Vodou practices blamed for gang leader's son's illness, as elderly are hacked to death in Port au Prince
-
Italy's prisons crisisUnder the Radar Severe overcrowding, dire conditions and appalling violence have brought the Italian carceral system to boiling point
-
How people-smuggling gangs workThe Explainer The Government has promised to 'smash' the gangs that smuggle migrants across the Channel. Who are they and how do they work?
-
Pig butchering: one of the world's fastest growing scamsIn the Spotlight Beijing is cracking down on the crypto con but this has only pushed it worldwide
-
Iwao Hakamada: Japan's record-breaking death row prisonerUnder the Radar Former boxer spent 46 years condemned to execution but his retrial could clear his name
