this post was submitted on 25 Feb 2025
292 points (98.7% liked)

World News

689 readers
615 users here now

Rules:

  1. Be a decent person
  2. No spam
  3. Add the byline, or write a line or two in the body about the article.

Other communities of interest:

founded 5 months ago
MODERATORS
[email protected]
[email protected]
[email protected]
292
North Korea steals $1.5bn as it pulls off world’s biggest ever heist (www.aol.com)
submitted 6 days ago by [email protected] to c/[email protected]
77 comments fedilink hide all child comments
 

The hackers stole more cryptocurrency in one attack than all the funds stolen by North Korean cyber criminals in 2024, when the rogue state’s cyber attackers made off with around $1.3bn in digital coins, according to cryptocurrency analysts Chainalysis.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 96 points 6 days ago (21 children)

Crypto once again showing why it’s either just a casino with extra steps or a way to buy drugs rather than a serious solution for any currency or real world transactions.

It’s so amazing and digital and modern and easy to steal.

[–] [email protected] 33 points 6 days ago* (last edited 6 days ago) (1 children)

Specifically too it's very easy to steal in bulk. Sure scamming grandma and grandpa out of their life savings has way fewer safeguards with crypto than with fiat currency, but it's absolutely still possible without crypto and happens all the time. This is the monetary equivalent of stealing nearly 16,000 kg of gold – something unthinkable with fiat currency.

[–] jonc211 12 points 6 days ago (2 children)

Though someone did steal 3,000 kg of gold one time.

https://en.wikipedia.org/wiki/Brink's-Mat_robbery

[–] [email protected] 8 points 5 days ago (2 children)

That’s fucking WILD, I have never read about that.

It is insane that you can do that kind of a thing just sitting in front of a laptop with Tails now, though.

load more comments (2 replies)
[–] [email protected] 5 points 5 days ago

Holy moly. 3,000 kg of gold at today's price would be $281,382,000 (281 million dollars). Gold is $93,794 per kg at the moment.

[–] [email protected] 16 points 6 days ago* (last edited 6 days ago) (9 children)

Are there crypto scams? yes, and plenty of them. Can you buy drugs with them? sure (and I thinks that's great!) Do either of the above statements get at the core issue here? not at all.

The issue here is not with the crypto itself. The issue here is the same issue that is regularly a problem anywhere software is deployed, digital security. The take away here is that many (all?) crypto exchanges are failing to properly secure their systems. Which is why the general rule that anybody investing in crypto should follow is never keep crypto in an exchange wallet unless you plan on trading it in the very short term. As an extension of that rule, you should never keep your crypto in a wallet that you don't hold the private keys for. If you don't have the private key for the wallet, it's not your wallet. Not your wallet, not your crypto.

[–] [email protected] 17 points 5 days ago* (last edited 5 days ago) (2 children)

I have never really understood exchanges tbh. Centralizing decentralized currency feels like getting the downsides of normal money/investments with fewer of the benefits.

[–] [email protected] 17 points 5 days ago

Its because crypto doesn't work for 90% of things like people want to too so you have to use an exchange to make it faster.

[–] PokerChips 4 points 4 days ago

It's so the lambs can pretend to own "stock" in crypto therefore defeating the whole purpose of cryptocurrencies. And then it gets shorted and margined and bulshitted..

[–] [email protected] 17 points 6 days ago (2 children)

You know you could’ve asked what I already know instead of assuming it’s nothing and giving me the most basic 101 lecture all because I spoke ill of the almighty crypto. I mined for three years.

load more comments (2 replies)
[–] [email protected] 3 points 5 days ago (1 children)

i feel the issue is with crypto

[–] [email protected] 1 points 4 days ago

Ok, thanks!

[–] [email protected] 4 points 5 days ago (1 children)

The take away here is that many (all?) crypto exchanges are failing to properly secure their systems.

When your adversary is a nation-state with an actual army of hackers that can work 24/7 and deploy 0-days, it's hard to say for sure the exchange is at fault for not handling security properly. This isn't a lone Kevin Mitnick pulling a stunt, this is literal cyber warfare.

load more comments (1 replies)
load more comments (5 replies)
load more comments (19 replies)
[–] [email protected] 83 points 6 days ago (1 children)

North Korea's GDP would technically be up 5% from this. Great success.

[–] [email protected] 6 points 6 days ago

Doesn't cagr though.

[–] [email protected] 38 points 5 days ago (1 children)

Isn't it only worth 1.5 billion if you manage to sell it? How would you liquidate this much crypto?

[–] [email protected] 42 points 5 days ago

Launder it and slowly sell it off through sock puppets.

They're a nation-state level actor, they have significant resources of their own and solid ties to both China and Russia, who are even more skilled and have even more resources.

[–] [email protected] 45 points 6 days ago (2 children)

Looks like hexbear will be funded after all

[–] [email protected] 5 points 5 days ago (2 children)

You joke, but it looks like they actually did manage to regain their domain. Not sure how.

[–] [email protected] 15 points 5 days ago (2 children)

Money most likely.

[–] [email protected] 8 points 5 days ago

I heard they just a bunch of crypto they forgot about.

load more comments (1 replies)
[–] [email protected] 5 points 5 days ago

Last I read, the admin who was a day late in paying Sav for the renewal was actually able to transfer the domain to a different registrar (PorkBun) before Sav's auction of the domain was complete. This maneuver was either something that Sav's auction designers hadn't anticipated, or the auction was compromised because the main bidder (j_s_) was a hexbear user who'd found a way to make unauthenticated bids.

At any rate, I don't think they paid thousands for it.

[–] [email protected] 2 points 4 days ago

Sadly I'm afraid Hexbear doesn't get the Xi-bux it rightly deserves, it's even blocked by the great Chinese firewall (thought the reasons aren't clear). I wish the left was as well funded as people claim :(

[–] [email protected] 16 points 5 days ago

Did Kim steal Musk's jacket?

[–] [email protected] 14 points 6 days ago (3 children)

First of all, I love that this is an AOL link. AOL is still around, eh?

Second, isn't crypto supposed to be trackable in the ledger? How are they hiding that much coin under a new name? That's the whole point of crypto.

[–] [email protected] 7 points 5 days ago (1 children)

Why would they need to hide it?

load more comments (1 replies)
load more comments (2 replies)
[–] [email protected] 5 points 5 days ago

I'm sure Trump will give Kim high fives

[–] [email protected] 10 points 5 days ago (1 children)

The article actually doesn't provide any proof it was North Korea. Why do they think it was North Korea?

[–] [email protected] 5 points 5 days ago

Probably Israel leaving clues to make it look like DPRK

[–] [email protected] 2 points 4 days ago (1 children)

Can’t people just stop trading that specific coin? Or just say it’s now worth 1$?

[–] [email protected] 2 points 4 days ago* (last edited 3 days ago)

This was a targeted attack against a cryptocurrency exchange. The specific crypto happened to be Ethereum (ETH), but more importantly the hackers were able to identify and target the specific employees needed for their multi-signature transactions, and infect their machines with malware to alter the user interface and show different destination wallet addresses. The exchange Bybit has offered a 10% bounty which could earn whitehats up to $140 million for any funds recovered, but I would be very surprised to see huge success with the use of mixers and such.

[–] [email protected] 8 points 5 days ago

Is this the cause of the dip?

[–] [email protected] 11 points 6 days ago

Oh I'm sure that'll settle things down. World peace can't be that far away!

[–] [email protected] 10 points 6 days ago* (last edited 6 days ago) (2 children)

Agents from Pyongyang were able to breach the systems of Dubai-based exchange Bybit to steal the digital coin Ether, according to security analysts.

*More

Hackers gained access to Bybit’s internal systems using so-called “phishing” email, which prompted an employee to input their login details to a seemingly legitimate website that was actually compromised.

The hackers were then able to gain access to a so-called “cold wallet” – a supposedly secure cryptocurrency storage device that holds coins offline and away from the internet. When Bybit came to transfer funds from the offline wallet to its online systems, the hackers sabotaged the transfer and stole the funds.

[–] Tamo240 1 points 4 days ago

Why does any one employee have the ability to unilaterally move this much value? Even in non-malicious circumstances that doesn't seem like a good way of organising a currency?

load more comments (1 replies)
[–] [email protected] 9 points 6 days ago (1 children)

Any technical juicy deets?

[–] [email protected] 5 points 6 days ago

They phished an employee and got cold-wallet access.

load more comments
view more: next ›