Listen to the episode on Apple Podcasts, Spotify, Pods, Fountain, Podcast Addict, Pocket Casts, Amazon Music, or on your favorite podcast platform.

$1.5 billion gone in an instant. And what’s worse, to fund a nuclear weapons program.

The largest crypto hack in history just hit Bybit, and the culprit is the infamous North Korean hacking group, Lazarus. Known for some of the most sophisticated cyber heists ever, they often use social engineering tactics and start by tricking low level employees. Although they can often wait to launder funds, in the case of Bybit they started right away.

How did this happen? Could it have been prevented? And what does this mean for the security of the entire crypto industry?

Taylor Monahan, security at MetaMask, and Jonty, a senior investigator at zeroShadow, talk all about it.

Show highlights:

  • Taylor’s and Jonty’s backgrounds and why they are relevant to this discussion
  • What the mechanics of the hack were
  • How Lazarus usually operates and the tactic of blind signing
  • Jonty’s important tips for people handling large amounts of crypto
  • How Bybit was able to say almost immediately that their other assets were secure
  • How much exchanges typically hold in each cold wallet
  • Why the evidence of the hack points to North Korean group Lazarus
  • Why North Korean hackers don’t care if their attack is linked to them
  • How Lazarus typically social engineers its hacks
  • Why Jonty thinks the industry needs a serious upgrade in terms of security
  • How the funds get laundered in such cases and what the industry can do
  • The chances Lazarus actually makes money from the hack
  • How DeFi protocols should approach this problem

 

Thank you to our sponsors!

EPISODE TRANSCRIPT

Guests:

Links

  • Previous coverage on Unchained about North Korean hackers: