FBI Accuses North Korean Hackers of $1.5 Billion Crypto Heist

The FBI has attributed one of the largest-ever cryptocurrency thefts to hackers linked to North Korea. The cybercriminals allegedly stole around $1.5 billion worth of Ethereum from a Dubai-based company.

The attack, which took place earlier this month, targeted Bybit, a major cryptocurrency exchange. According to U.S. authorities, the perpetrators are linked to hacker groups known as TraderTraitor and Lazarus Group, both of which have been previously implicated in large-scale cyber heists.

The FBI has detailed how the hackers steal cryptocurrency “through the dissemination of cryptocurrency trading applications that were modified to include malware that facilitates theft of cryptocurrency.”

FBI Warns About North Korea’s Involvement

In a public service announcement on Wednesday, the FBI confirmed that it believes North Korean-backed hackers were “responsible for the theft.”

“TraderTraitor actors are proceeding rapidly and have converted some of the stolen assets to Bitcoin and other virtual assets dispersed across thousands of addresses on multiple blockchains,” the agency stated. “It is expected these assets will be further laundered and eventually converted to fiat currency.”

So far, North Korean state media has remained silent about the allegations, and the country’s diplomatic mission in Geneva has not responded to inquiries regarding the FBI’s claims.

According to South Korea’s intelligence agency, North Korea has stolen approximately $1.2 billion in cryptocurrency and other digital assets over the past five years. These cyberattacks reportedly serve as a key source of foreign currency, which helps sustain North Korea’s fragile economy and finance its nuclear weapons program.

A U.N. panel is also investigating 58 suspected cyberattacks attributed to North Korea between 2017 and 2023. These incidents have allegedly resulted in the theft of $3 billion, which is believed to have supported “the country’s development of weapons of mass destruction.”

Bybit CEO Responds to FBI Announcement

Bybit’s co-founder and CEO, Ben Zhou, acknowledged the FBI’s findings in a social media post, linking to a website that is offering $140 million in bounties to track and freeze the stolen crypto assets.

Bybit has stated that the attack exploited a routine Ethereum transfer from a cold (offline) wallet, allowing hackers to manipulate the transaction and move the funds to an unknown address.

“It was a highly sophisticated hack that targeted cold wallets via a blind signing type of exploit, whereby the attackers create a fake interface that deceives users since it is a near identical copy of the trusted platform,” explained Manuel Villegas, an analyst at Julius Baer.

The blockchain analytics firm Certik has labeled this incident as “the largest breach” in blockchain transaction history.

The massive theft has caused volatility in the cryptocurrency market, with investor confidence shaken despite recent optimism tied to U.S. President Donald Trump’s election. Bitcoin, the leading cryptocurrency, traded at over $82,000 per coin on Thursday, dropping from a high of over $100,000 a month ago.

“The situation … is certainly painful for Bybit’s customers and will likely raise additional regulatory scrutiny,” Villegas added.