The hackers stole more cryptocurrency in one attack than all the funds stolen by North Korean cyber criminals in 2024, when the rogue state’s cyber attackers made off with around $1.3bn in digital coins, according to cryptocurrency analysts Chainalysis.
Can’t people just stop trading that specific coin? Or just say it’s now worth 1$?
This was a targeted attack against a cryptocurrency exchange. The specific crypto happened to be Ethereum (ETH), but more importantly the hackers were able to identify and target the specific employees needed for their multi-signature transactions and infect their machines with malware to alter the user interface and show different destination wallet addresses. The exchange Bybit has offered a 10% bounty which could earn whitehats up to $140 million for any funds recovered, but I would be very surprised to see huge success with the use of mixers and such.
I’m sure Trump will give Kim high fives
I’m impressed. As the old Arabic poem goes ليتني كوري شمالي
love that bit about nuclear attack on new york
what’s your favorite bit?
deleted by creator
Crypto once again showing why it’s either just a casino with extra steps or a way to buy drugs rather than a serious solution for any currency or real world transactions.
It’s so amazing and digital and modern and easy to steal.
Specifically too it’s very easy to steal in bulk. Sure scamming grandma and grandpa out of their life savings has way fewer safeguards with crypto than with fiat currency, but it’s absolutely still possible without crypto and happens all the time. This is the monetary equivalent of stealing nearly 16,000 kg of gold – something unthinkable with fiat currency.
Though someone did steal 3,000 kg of gold one time.
That’s fucking WILD, I have never read about that.
It is insane that you can do that kind of a thing just sitting in front of a laptop with Tails now, though.
Yeah, it’s pretty crazy
They made a TV mini-series about it a few years ago. It’s called The Gold. If you’re in the UK, it’s on BBC iPlayer. If not, then there may be other means of acquiring it!
I will absolutely check that out, thank you!
Holy moly. 3,000 kg of gold at today’s price would be $281,382,000 (281 million dollars). Gold is $93,794 per kg at the moment.
Are there crypto scams? yes, and plenty of them. Can you buy drugs with them? sure (and I thinks that’s great!) Do either of the above statements get at the core issue here? not at all.
The issue here is not with the crypto itself. The issue here is the same issue that is regularly a problem anywhere software is deployed, digital security. The take away here is that many (all?) crypto exchanges are failing to properly secure their systems. Which is why the general rule that anybody investing in crypto should follow is never keep crypto in an exchange wallet unless you plan on trading it in the very short term. As an extension of that rule, you should never keep your crypto in a wallet that you don’t hold the private keys for. If you don’t have the private key for the wallet, it’s not your wallet. Not your wallet, not your crypto.
i feel the issue is with crypto
Ok, thanks!
I have never really understood exchanges tbh. Centralizing decentralized currency feels like getting the downsides of normal money/investments with fewer of the benefits.
It’s so the lambs can pretend to own “stock” in crypto therefore defeating the whole purpose of cryptocurrencies. And then it gets shorted and margined and bulshitted…
Its because crypto doesn’t work for 90% of things like people want to too so you have to use an exchange to make it faster.
You know you could’ve asked what I already know instead of assuming it’s nothing and giving me the most basic 101 lecture all because I spoke ill of the almighty crypto. I mined for three years.
It wasn’t meant as a lecture for you. I made no assumptions about what you know, just what you said. The lecture was for others coming by your comment because lots of people don’t know the dangers of keeping crypto in exchange wallets.
Apologies if I offended you.
I don’t think that was an attack on your knowledge, but rather a disclaimer for other readers. I could be wrong, though!
The take away here is that many (all?) crypto exchanges are failing to properly secure their systems.
When your adversary is a nation-state with an actual army of hackers that can work 24/7 and deploy 0-days, it’s hard to say for sure the exchange is at fault for not handling security properly. This isn’t a lone Kevin Mitnick pulling a stunt, this is literal cyber warfare.
Yet conventional currencies are not randomly having billions transfered out of accounts and to north korea?
I would say it is specifically a problem with crypto, i addition to what you said.
you wouldn’t be able to do the above with a bank. They’d just make the transaction not to have happened.
with crypto, e.g. btc, you’d have to convince 2-3 of the big mining pools to undo the transction, so random private actors. and it undo all other transactions done as well.
maybe that it happens is not due to crypto. That it cant be remedied is certainly because crypto.
you wouldn’t be able to do the above with a bank. They’d just make the transaction not to have happened.
No, in almost all cases they simply create another transfer to reverse it. If another bank is involved, they typically pay a fee to that bank to do it.
Source: I work in fintech. I’ve seen plenty of messes the banks clean up this way.
Banks can and certainly have lost large amounts to bad actors who were prepared enough to immediately move the money around and clean it, like what was done in this case.
Doesn’t really happen these days anymore. Banks have tons of risk checks these days and will usually hold any influx or outflux or money to other accounts.
And even then, banks have rules for how to deal with transfers that shouldn’t have happened. In most cases, these transfers would be reversed (for a fee).
Wait till you learn about USD
Wait till you try to buy a coffee or pump your gas or pay rent with crypto. Go do your next transaction today with your crypto of choice I’m sure it’ll be very smooth.
I’m not an assshole so I dont buy gas. But I have bought many a coffee and pizza and sushi with crypto. And I’m paying my rent now with crypto
What’s your point?
You’re not an asshole for buying gas but ok.
Where are you where all these services take crypto and which coin? You do all this without ever converting to your local currency? These vendors take the coins directly?
There is a such thing as progress.
deleted by creator
Some vendors take crypto. Most just take gift cards.
Eg airbnb
If you are converting your crypto into gift cards and then spending gift cards that is not the same as spending crypto. That is the entire point.
If you are converting time into magical bank credits and bank credits into USD then thats not the same as spending cash. That is the entire point.
Used for food, rent, bills, buying houses and cars, buying appliances and various tech, paying contractors, paying instructors/trainers in every field online or in person, paying for trips to the other side of the world, easily exchange for foreign currency… Etc.?
That USD?
Yeah, the one that’s used to launder money, buy drugs, and gamble more than any other currency in the world
Mostly because it’s the main currency, no?
For criminals yeah
You’re insane.
Guess you dont know much about money laundering
Yeah, but crypto bros specifically told me “Blockchain! Anonymous cryptographic fungible NFT AI!”
Love me a fungible non fungible token
Isn’t it only worth 1.5 billion if you manage to sell it? How would you liquidate this much crypto?
Launder it and slowly sell it off through sock puppets.
They’re a nation-state level actor, they have significant resources of their own and solid ties to both China and Russia, who are even more skilled and have even more resources.
North Korea’s GDP would technically be up 5% from this. Great success.
Doesn’t cagr though.
Looks like hexbear will be funded after all
Sadly I’m afraid Hexbear doesn’t get the Xi-bux it rightly deserves, it’s even blocked by the great Chinese firewall (thought the reasons aren’t clear). I wish the left was as well funded as people claim :(
You joke, but it looks like they actually did manage to regain their domain. Not sure how.
Last I read, the admin who was a day late in paying Sav for the renewal was actually able to transfer the domain to a different registrar (PorkBun) before Sav’s auction of the domain was complete. This maneuver was either something that Sav’s auction designers hadn’t anticipated, or the auction was compromised because the main bidder (j_s_) was a hexbear user who’d found a way to make unauthenticated bids.
At any rate, I don’t think they paid thousands for it.
Money most likely.
Nah, hexbear admins and users were pretty clear and unanimous from minute 1 that they’d rather have that money spent in mutual aid (go visit c/mutual_aid in Hexbear if you’re interested) than in giving money to a cyberlandlord.
I heard they just a bunch of crypto they forgot about.
Is this the cause of the dip?
Did Kim steal Musk’s jacket?
The article actually doesn’t provide any proof it was North Korea. Why do they think it was North Korea?
Probably Israel leaving clues to make it look like DPRK
First of all, I love that this is an AOL link. AOL is still around, eh?
Second, isn’t crypto supposed to be trackable in the ledger? How are they hiding that much coin under a new name? That’s the whole point of crypto.
Why would they need to hide it?
That’s a good point, but I’m not sure that’s in crypto’s favor. Since we know who now owns the stolen crypto, would someone buy it from them? Who is going to honor it? So, does the exchange just go defunct and everyone is out, or…?
There are ways to clean crypto, by mixing it with other sources. See crypto mixers
Depends on the coin. Bitcoin is more trackable than cash. But privacy coins provide…privacy
Oh I’m sure that’ll settle things down. World peace can’t be that far away!
Agents from Pyongyang were able to breach the systems of Dubai-based exchange Bybit to steal the digital coin Ether, according to security analysts.
*More
Hackers gained access to Bybit’s internal systems using so-called “phishing” email, which prompted an employee to input their login details to a seemingly legitimate website that was actually compromised.
The hackers were then able to gain access to a so-called “cold wallet” – a supposedly secure cryptocurrency storage device that holds coins offline and away from the internet. When Bybit came to transfer funds from the offline wallet to its online systems, the hackers sabotaged the transfer and stole the funds.
Why does any one employee have the ability to unilaterally move this much value? Even in non-malicious circumstances that doesn’t seem like a good way of organising a currency?
So hot wallets?
No. From the article, phishing to get access to a cold wallet…
Any technical juicy deets?
They phished an employee and got cold-wallet access.
