back to article Bybit declares war on North Korea's Lazarus crime-ring to regain $1.5B stolen from wallet

Cryptocurrency exchange Bybit, just days after suspected North Korean operatives stole $1.5 billion in Ethereum from it, has launched a bounty program to help recover its funds. In announcing the initiative, CEO and co-founder Ben Zhou claimed Kim Jong Un's crack cyber-crime ring Lazarus pilfered the digital dosh, which would …

  1. petef

    "The transaction was manipulated by a sophisticated attack that altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH cold wallet. As a result, over 400,000 ETH and stETH worth more than $1.5 billion were transferred to an unidentified address."

    This is not unique to crypto but whenever I see an attack described as "sophisticated" I read it as "oh yes, we didn't think of that".

    1. Doctor Syntax Silver badge

      It was an awful lot of eggs to have put into one basket.

      1. John69

        A basket made by some third party Javascript at that.

    2. Brad Ackerman

      If it would have been solved by basic security practices (in this case, using PAWs for administrative access), it's not that sophisticated.

  2. Tron Silver badge

    Bounty to be paid in bars.

    quote: 'on-chain and in real life'.

    Yeah. I'm almost entirely 'on-chain' now too. Meatbags, your world is nothing to me. Akira has achieved pure energy and soon I will too.

  3. Anonymous Coward
    Anonymous Coward

    Hey!

    Someone stole our invisible magic beans!

    Let’s offer some other invisible magic beans to try and get them back.

    1. Andy The Hat Silver badge

      Re: Hey!

      Some beans and some more beans. Isn't that a very small casserole?

  4. An_Old_Dog Silver badge

    Unknowable Security

    It appears the security of peoples' crypto-coin accounts rests on the intelligence, skill, and wisdom of an unknown number of rando Java Jockeys to keep each and every one of their dev boxes/VMs from being compromised.

    I can imagine it now: "ImaGen AI lets you create images of your dream sex partner with descriptive phrases. Free to use! Download your created images to your own computer or smartphone! Make wallpapers!"

    droooooooool ... >Click<

    (pwnage!)

    1. Cris E

      Re: Unknowable Security

      Man, that would never happen to me. I don't put super-important financial info on my phone where it can be hacked. (I rely on my super-duper-secret thumb drive that I cannot imagine losing.I mean who could lose a thumb drive?)

      1. TimMaher Silver badge
        Coat

        Re: thumb drive

        Depends. Is it still attached to your hand?

  5. Ashentaine
    Facepalm

    And there you go.

    >It's believed the code was changed by compromising an AWS S3 or CloudFront account used by SafeWallet to host its software. This analysis has since been confirmed by the wallet maker itself, which said one of its developer machines was compromised – likely leading to the cloud storage tampering.

    How much do you want to bet that said developer was contacted by "Steve from IT" and told that there was an issue with their account, and could you just install this program AnyDesk please and then log in so we can fix it remotely? That seems to be happening far more often than not these days among people involved with crypto.

  6. MrKrotos

    Bybit declares war on North Korea's Lazarus

    Good luck with that!

  7. Anonymous Coward
    Anonymous Coward

    Trump can solve this

    If the US requires compliance that exchanges need to recover funds that originate from thefts by NK, and not to allow transactions that contain coins that went through mixers that don't comply, it would quickly put a stop to all this state actor theft.

    1. druck Silver badge

      Re: Trump can solve this

      You are aware he is tearing up even the current insufficient regulation of crypto and has unbanned previously sanctioned mixers.

      After all, just look who he votes alongside in the UN these days.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like