In a stunning cyber heist, hackers have managed to make off with a substantial sum of various cryptocurrencies, including 4.5 million USDT, 500 ETH, 106,000 USDC, 924,000 BSC-USD, 268.5 BNB, and a staggering 97 million CPD. The perpetrators behind this audacious act swiftly converted the stolen assets into Ethereum (ETH).
They transferred them to externally owned accounts on the Ethereum and Binance Smart Chain (BNB) networks. Subsequently, they funneled the ill-gotten gains into several centralized exchanges, including MEXC, ChangeNow, and WhiteBit.
The heist
The hackers’ identity remains shrouded in mystery. Still, cybersecurity experts at Cyvers are raising the alarm, suspecting the involvement of the notorious Lazarus Group, a North Korean state-sponsored hacking collective.
This latest incident has sent shockwaves through the cryptocurrency community, rekindling concerns about the security of digital assets and the persistent threat cyber criminals pose.
Cyvers, the cybersecurity firm that has been closely monitoring the situation, has identified inadequate wallet access control as the root cause of this security breach. Alarmingly, this is not the first time the exchange has been targeted.
In July 2023, Cyvers alerted the exchange to potential vulnerabilities after a $100 million theft linked to the North Korean Lazarus Group targeted the Coinspaid system and Alphapo.
The cryptocurrency heist unfolds
The heist began with the hackers gaining unauthorized access to the exchange’s wallets, enabling them to rob various cryptocurrencies. The stolen assets included 4.5 million USDT, 500 ETH, 106,000 USDC, 924,000 BSC-USD, 268.5 BNB, and an astonishing 97 million CPD, amounting to a substantial sum in the ever-volatile world of cryptocurrencies.
The hackers exhibited high sophistication by swiftly converting the stolen assets into Ethereum (ETH). This conversion allowed them to obfuscate the origins of the funds, making it more challenging for authorities to trace the assets.
To complicate efforts to track the stolen assets further, the hackers transferred the converted ETH to externally owned accounts on the Ethereum and Binance Smart Chain (BNB) networks. This tactic made it increasingly challenging for investigators to follow the money trail.
Funneled into centralized exchanges
The cybercriminals did not stop at converting and transferring the stolen assets. They took the audacious step of funneling the ill-gotten gains into several centralized exchanges, including MEXC, ChangeNow, and WhiteBit. This move aimed to facilitate the laundering stolen cryptocurrencies and potentially convert them into other digital or fiat currencies.
While the attackers’ identity remains uncertain, the finger of suspicion points towards the Lazarus Group. This North Korean state-sponsored hacking collective has a notorious history of high-profile cyberattacks, including previous cryptocurrency heists. Their expertise in evading law enforcement and conducting complex cyber operations makes them a prime suspect in this latest incident.
Cyvers’ warnings
Cybers, the cybersecurity firm closely monitoring the situation, has issued stern warnings about the inadequate wallet access control that allowed this breach to occur. Their previous alert to the exchange in July 2023, following a similar theft linked to the Lazarus Group, appears to have gone unheeded, ultimately resulting in another substantial loss.
We are aware of attempts to deposit funds stolen in the Coinspaid incident to WhiteBIT.
Security and compliance with AML standards is one of WhiteBIT's main priorities. Therefore, we have frozen the funds in question and are conducting the relevant procedures.
Link https://twitter.com/WhiteBit/status/1743683345861480936?t=RdSm6PgbddzNlSH1ukt5lg&s=19
