On February 21, the largest cryptocurrency heist started to unfold. Hackers gained control of an electronic wallet belonging to the second-largest cryptocurrency exchange in the world, Bybit, and stole nearly 1.5 billion dollars in digital assets. They quickly moved the money between dozens of cryptocurrencies and services to try to obscure the activity, before starting to withdraw the stolen funds.
The eye-catching digital raid has all the hallmarks of an operation by one of North Korea's elite hacking groups. While Bybit remained solvent by borrowing cryptocurrency and launched a bounty program to track the stolen funds, the FBI quickly pinned the theft on the North Korean hackers known as TraderTraitor.
Before the Bybit heist, TraderTraitor was linked to other high-profile cryptocurrency thefts and software supply chain compromises.
Michael Barnhart is a longtime cybersecurity researcher focused on North Korea and an investigator at the security company DTEX Systems. "They did not go far. They did not try to stop. They were clearly conspiring and planning, and they are doing it right now," he said.
North Korea's hackers, alongside those from China, Russia and Iran, are considered among the most sophisticated and most dangerous threats to Western democracy. While all these countries are involved in spying and stealing sensitive data, North Korea's cyber activities come with their own separate goal: helping the Hermit Kingdom's nuclear program. Increasingly, that means stealing cryptocurrency.
For at least the past five years, Kim Jong-un's totalitarian regime has deployed technically skilled IT workers to get into companies around the world and earn wages that can be sent back to the homeland. In some cases, after being fired, those workers blackmail their employers by threatening to release sensitive data. At the same time, North Korean hackers, part of the wide umbrella Lazarus Group, have stolen billions in cryptocurrency from exchanges and companies around the world. TraderTraitor makes up one part of the larger Lazarus Group, which is run out of the Reconnaissance Department, the North Korean intelligence agency.
TraderTraitor, also known as Jade Sleet, Slow Pisces and UNC4899 by security companies, is mainly interested in cryptocurrency.
"They use many innovative techniques to get into blockchain, cryptocurrency, anything to do with platforms, trading forums, all the different things around cryptocurrency and decentralized finance," said Sherrod DeGrippo, director of threat intelligence strategy at Microsoft. "Jade Sleet (TraderTraitor) is one of the most sophisticated groups in that echelon," she said.
TraderTraitor first appeared in early 2022, many cybersecurity researchers said, and it is likely a branch of North Korea's APT38 group, which hacked SWIFT and tried to steal $1 billion from the Bangladesh Central Bank in early 2016. "They left with very little money," said DTEX Systems' Barnhart. "In that moment, you had a real and significant change."
Barnhart said that North Korea realized that relying on others, such as for money, could make their activities less effective. Instead, they could steal cryptocurrency. Two groups emerged from that tactical change, Barnhart said: CryptoCore and TraderTraitor. "TraderTraitor is the most sophisticated of all," he said. "And why? Because APT38 is the A team."