Odaily星球日报讯 Bybit 被盗事件已基本被认为是朝鲜黑客组织 Lazarus Group 所为。Chainalysis 此前曾发布过 Lazarus Group 针对赃款的“处置”报告。一般情况下，Lazarus Group 会采取三步“处置”得手的赃款：第一步是将所有 ERC20（包括 stETH 等流动性衍生代币）兑换成 ETH；第二步是将 ETH 兑换成 BTC；第三部是通过亚洲交易所将 BTC 逐步兑现为法币。整个过程可能持续多年。

Odaily星球日报讯 Bybit 被盗事件已基本被认为是朝鲜黑客组织 Lazarus Group 所为。Chainalysis 此前曾发布过 Lazarus Group 针对赃款的“处置”报告。一般情况下，Lazarus Group 会采取三步“处置”得手的赃款：第一步是将所有 ERC20（包括 stETH 等流动性衍生代币）兑换成 ETH；第二步是将 ETH 兑换成 BTC；第三部是通过亚洲交易所将 BTC 逐步兑现为法币。整个过程可能持续多年。

Bybit被盗背后黑客Lazarus处理赃款路径为ETH-BTC-法币，销赃过程或持续多年

Odaily reported that the Bybit hacking incident is believed to have been carried out by the North Korean hacker group Lazarus Group. Chainalysis had previously released a report on Lazarus Group's "disposal" of the stolen funds. Typically, Lazarus Group follows a three-step "disposal" process for the stolen funds: first, converting all ERC20 tokens (including liquid derivatives like stETH) into ETH; second, converting the ETH into BTC; and third, gradually cashing out the BTC into fiat currency through Asian exchanges. The entire process may take several years.

Odaily reported that the Bybit hacking incident is believed to have been carried out by the North Korean hacker group Lazarus Group. Chainalysis had previously released a report on Lazarus Group's "disposal" of the stolen funds. Typically, Lazarus Group follows a three-step "disposal" process: first, converting all ERC20 tokens (including liquid derivatives like stETH) into ETH; second, converting the ETH into BTC; and third, gradually cashing out the BTC into fiat currency through Asian exchanges. The entire process may take several years.

The hacker Lazarus behind the Bybit theft processed the stolen funds through ETH-BTC-fiat currency, and the process of selling the stolen funds may last for many years

The safe management of large funds must use an institutional-level custodian solution.

Nearly 1.5 billion US dollars was stolen from Bybit, the largest theft in human history. How did North Korean hackers do it?

Odaily reported that Beosin Trace detected a security incident at Bybit, where assets worth $1.44 billion were withdrawn, including: 401,347 ETH worth $1.12 billion; 90,376 stETH worth $253.16 million; 15,000 cmETH worth $44.13 million; and 8,000 mETH worth $23 million. The funds are now divided into groups of 10,000 ETH and deposited in more than 40 Ethereum addresses. All the hacker addresses have been added to the Beosin KYT label library, and Beosin KYT will issue alerts for any fund transfers involving these addresses. Beosin's security team analyzed that the attack method in this incident is similar to the WazirX case, where the front-end UI was used to deceive and get the multi-signature wallet to sign malicious content, resulting in the funds being transferred out.

Beosin Trace: A total of 514,723 ETH and derivatives were stolen from Bybit

Odaily reports that ZachXBT posted on his personal Telegram channel that his sources confirm it's a security incident with Bybit. Additionally, ZachXBT warned relevant personnel at major exchanges to blacklist the following EVM addresses: 0x47666fab8bd0ac7003bce3f5c3585383f09486e2, 0xa4b2fd68593b6f34e51cb9edb66e71c1b4ab449e, 0x36ed3c0213565530c35115d93a80f9c04d94e4cb, 0x1542368a03ad1f03d96D51B414f4738961Cf4443. Previously, on-chain sleuth ZachXBT posted on his personal Telegram channel that he had detected suspicious outflows of over $1.46 billion from Bybit, and would provide updates on the related addresses, which is 0x47666Fab8bd0Ac7003bce3f5C3585383F09486E2. mETH & stETH are currently being swapped for ETH on DEX.

The hacker Lazarus behind the Bybit theft processed the stolen funds through ETH-BTC-fiat currency, and the process of selling the stolen funds may last for many years

Download app to participate in rewarding events