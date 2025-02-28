Technology News
FBI Accuses North Korean Hackers of Bybit Attack, Urges Crypto Firms to Block Linked Transactions

The FBI anticipates further laundering of the stolen assets.

Written by Radhika Parashar, Edited by Siddharth Suvarna | Updated: 28 February 2025 10:18 IST
FBI Accuses North Korean Hackers of Bybit Attack, Urges Crypto Firms to Block Linked Transactions

Photo Credit: Unsplash/ Towfiqu Barbhuriya

An Ethereum wallet of Bybit was hacked on February 21

Highlights
  • Bybit is investigating the attack  
  • FBI maintains commitment to protect the VDA community
  • The FBI has listed Ethereum addresses linked to the attack
The FBI has attributed the recent attack on Dubai-based Bybit crypto exchange to North Korean hackers. The agency has called on crypto firms to help block the stolen funds. According to Bybit CEO Ben Zhou, a hacker gained control of one of the exchange's offline Ethereum wallets, resulting in a loss of nearly $1.5 billion (roughly Rs. 13,006 crore). Following the attack earlier this month, Arkham Intelligence reported that the stolen assets are already being transferred to new addresses for liquidation.

In an announcement posted on February 26, the FBI agency said that North Korean hackers are using the ‘TraderTraitor' activity to convert the stolen funds into other crypto tokens and distribute them across ‘thousands of wallets'. The FBI expects that the stolen assets are likely to be laundered further.

As part of the post, the FBI has released a list of 51 Ethereum wallet addresses that have been identified among those holding portions of the stolen assets. These addresses are known to be linked to North Korean TraderTraitor actors.

“FBI encourages private sector entities including RPC node operators, exchanges, bridges, blockchain analytics firms, DeFi services, and other virtual asset service providers to block transactions with or derived from addresses TraderTraitor actors are using to launder the stolen assets,” the post said.

The recent Bybit attack is reportedly the biggest crypto hack so far.

As per Zhao, “The signing message was to change the smart contract logic of our ETH cold wallet. This resulted (in the) hacker taking control of the specific ETH cold wallet we signed and transferred all ETH in the cold wallet to this unidentified address.”

In its internal forensic probe, the exchange found that malicious code was inserted into its system for hackers to gain access to the wallet and facilitate the attack. The exchange also said that there was no indication of compromises identified within the exchange's internal systems.

A detailed assessment of the incident is still underway.

A Chainalysis report released in December revealed that crypto hacks led to $2.2 billion (roughly Rs. 18,710 crore) in stolen funds in 2024—a 21 percent increase from 2023.

In response, crypto firms like Tron, Tether, TRM Labs, and Chainalysis are joining forces in anti-crime alliances to assist law enforcement in tracking stolen assets and blocking suspicious transactions.

Radhika Parashar
Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
