North Korean hackers successfully laundered $300 million from a massive crypto heist.
The Lazarus Group, a well-known cybercriminal outfit linked to North Korea, pulled off the $1.5 billion crypto heist two weeks ago by infiltrating crypto exchange ByBit.
Since then, investigators have been scrambling to track and block the stolen digital assets before they can be converted into usable cash.
Advert
Already, the hackers have converted at least $300 million (£232 million) to unrecoverable funds.
Experts believe the group is working around the clock to move and disguise the money.
"Every minute matters for the hackers who are trying to confuse the money trail and they are extremely sophisticated in what they're doing," said Dr. Tom Robinson, co-founder of crypto investigator Elliptic.
Advert
"I imagine they have an entire room of people doing this using automated tools and years of experience. We can also see from their activity that they only take a few hours break each day, possibly working in shifts to get the crypto turned into cash."
Now, ByBit has confirmed that 20% of the total haul has now 'gone dark,' meaning it is effectively lost.
Dr. Robinson also pointed out that North Korea is the best at laundering crypto, potentially carrying out dozens of hacks over the years to fund the nation's military and nuclear development.
The hackers struck on 21 February, targeting a ByBit supplier and secretly altering a digital wallet address which was meant to receive 401,000 Ethereum crypto coins.
Advert
Unknowingly, ByBit transferred the entire sum to the hackers, thinking it was its own digital wallet.
ByBit's CEO, Ben Zhou, assured customers that none of their funds have been affected as the company has since replaced the stolen assets using loans from investors.
Furthermore, Zhou announced that his company was 'waging war on Lazarus' and announced a bounty program, which encourages members of the public to trace the stolen funds and alert crypto firms to block transfers where possible. It's working well as so far, 20 people have earned over $4 million in rewards for identifying and freezing $40 million of the stolen funds.
Advert
Because crypto transactions are public, investigators can follow the stolen money as it moves through the blockchain.
If Lazarus tries to convert the coins into traditional currencies like US dollars, major crypto exchanges can block those transactions if they detect a link to criminal activity.
Despite the efforts to catch the perpetrators, many experts believe most of the stolen money will never be recovered.
"North Korea is a very closed system and closed economy so they created a successful industry for hacking and laundering and they don't care about the negative impression of cyber crime," said Dr. Dorit Dor at cybersecurity company Check Point.