
Hackers steal $1.5bn from crypto exchange in ‘biggest digital heist ever’

HRK69

Member

The cryptocurrency exchange Bybit has called on the “brightest minds” in cybersecurity to help it recover $1.5bn (£1.2bn) stolen by hackers in what is thought to be the biggest single digital theft in history.

The Dubai-based crypto platform said an attacker gained control of a wallet of Ethereum, one of the most popular digital currencies after bitcoin, and transferred the contents to an unknown address.

Bybit immediately sought to reassure its customers that their cryptocurrency holdings were safe, while its chief executive said on social media that Bybit would refund all those affected, even if the hacked currency was not returned.

“Bybit is solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss,” Ben Zhou, Bybit’s co-founder and chief executive, posted on X.

He added that the company held $20bn in customer assets, and would be able to cover any unrecovered funds itself or through loans from partners.

Bybit, which has more than 60 million users worldwide and is the world’s second-largest cryptocurrency exchange by trading volume, said news of the hack had led to a surge in withdrawal requests.

Zhou wrote that the company had received more than 350,000 requests from customers to withdraw their funds, which could lead to delays in processing.

Bybit said the hack occurred when the company was making a routine transfer of Ethereum from an offline “cold” wallet to a “warm” wallet, which covers its daily trading. An attacker exploited security controls and was able to transfer the assets. Zhou said all other wallets on the exchange were unaffected.

The price of Ethereum dropped by nearly 4% following news of the hack on Friday, but has since almost returned to previous levels.

The company has called on “the brightest minds in cybersecurity and crypto analytics” to help it try to recover the hacked funds, and is offering a reward of 10% of the amount recovered, which could total $140m if the entire hacked amount was retrieved.

“Bybit is determined to rise above the setback and fundamentally transform our security infrastructure, improve liquidity, and be a steadfast partner to our friends in the crypto community,” Zhou said in a statement.

The hack is a setback for the crypto industry, which has rebounded in recent months after benefiting from Donald Trump’s return to the White House, and his promises to make the US the “crypto capital of the planet” amid looser regulation.

Although the identity of the Bybit attacker is unknown, some reports have suggested that the perpetrators could be North Korean state hackers, such as the Lazarus Group, who have been blamed for previous large-scale heists, including the $615m theft from the blockchain project Ronin Group in 2022.
 

HRK69

Member

This obviously wouldn't happen at any other platform!

unimpressed michael keaton GIF
 

Mr1999

Gold Member
How do people keep stealing Crypto? And how do you expect it to be a real option if hackers can keep stealing people's assets?
If you have spare time, check out Ledger on Reddit, it's almost every week someone posts a thread saying they were hacked, and it's almost always the same story, guy wakes up to find his account emptied and then posts about it saying how he never shared his keywords and that he's not a newbie. The amount they lose is what always gets me, almost always a large sum, 30k, 50k. I don't touch crypto because of it.
 

Trogdor1123

Member
How do people keep stealing Crypto? And how do you expect it to be a real option if hackers can keep stealing people's assets?
I was wondering the same thing. How does this even work? Are all of the wallets compromised? I know next to nothing about cryptocurrency so anyone who can explain this to me I would greatly appreciate it.
 

YCoCg

Member
The Ocean’s 11 reboot is just gonna be a bunch of nerds sitting in front of PCs.
No way that's only one part, think of the Hollywood flair here...

So the movie starts off with the hackers tracing down a large wallet owned by the Dubai Elite, they've somehow got a transfer lock on it so it can't be sent, meaning they'd have to retrieve the hard drives and keys directly from their building.

Luckily for them, they're hosting a party in the same building on the top floor of the above-the-clouds skyscraper (think Hitman 3) and that's where the Oceans crew come in, they have to infiltrate the party, split up into two groups, one to distract the party hosts and the other to descend the building into the server room to bypass the security locks and plug some USB drives into random server racks until they find the one with the hard drives housing the crypto. It's at this point they find out the transfer keys are on a USB drive that the host wears around his neck and it's then up to the distract crew to get that from him, hijinks ensue.

Once both are complete, they have the unlock key and the server racks of hard drives, they must escape undetected and get back to the US to deliver the goods to the hackers. Mission complete.

You can thank me later Hollywood, I'll take my royalties by cheque.
 

thefool

Member
How do people keep stealing Crypto

Highly sophisticated social engineering. These criminals' technical achievements are impressive.

I was wondering the same thing. How does this even work? Are all of the wallets compromised? I know next to nothing about cryptocurrency so anyone who can explain this to me I would greatly appreciate it.

If you want to know how it happened, check Patrick Collins' explanation



He's a well-known dev and smart contract auditor.
 

Paltheos

Member
How do people keep stealing Crypto? And how do you expect it to be a real option if hackers can keep stealing people's assets?

I'm still not convinced it can be. The vast majority of my awareness of crypto treatment by the public is speculatively and as a security, not as a currency, and I trust investment firms and banks to at least hold my assets responsibly more than I do crypto exchanges. The environment stinks of fraud to me.
 

Mr1999

Gold Member
It boils down to the choice of holding your own keys versus not holding your keys, with each side blaming the other when they get hacked. If you have your own hardware wallet and get hacked, it’s "your keys, your coins." But if you don’t use a hardware wallet and keep your coins on Coinbase for example, and you get hacked, it’s "not your keys, not your coins."

For example, hackers don't need your Coinbase user/password to access your account, and two factor authentication doesn’t protect you since they manage to steal the instance from your files while you’re browsing the site. I've read enough posts to feel like an expert, but they always find new ways to hack people, even when the person was cautious.

Sometimes the entire Ledger device has been tampered with, someone buys it, opens it up and prints their own key phrases and puts it inside the Ledger, repackages it and sells it, unknowing person buys the Ledger and deposits all their money but the keywords are known. There's so many vectors to lose your money. People have sworn up and down that they never gave out their key phrases but still somehow managed to get hacked, that's the scary part of it.

All you can do at that point is file a police report, or find someone who may be able to get it back for a fee, which is highly unlikely, in fact there are scammers who prey on people who lost their coins, to scam them again, seen that happen as well. Don't believe me, just google "I lost all my crypto" or "Crypto stolen" into google, and search for last month and just read the threads that pop up.

Then there are those who never got hacked but saved their wallets in some configuration or they did something where they see their money in their wallet, but they can't access it, that's a whole other topic though. My point is, there are very knowledgeable people out there who have done this since its conception and they still every now and then get robbed. That's not something I'm willing to risk, I don't know about you but I don't want to even imagine how crappy I would feel if I lost even $5,000, never mind the 100K some of these posts are claiming to have lost. No thanks.
 
So maybe someone does have a working quantum computer after all, in theory the trick would be to do it gradually so as not to tank the whole market before you’ve cleared out a few of these massive exchange wallets.

Let them think you got the keys via some other nefarious one-off means, intentionally don’t clear out the biggest wallet to make it look like an isolated incident.

If Coinbase or Kraken announce something similar in the coming months, I for one welcome our new computer overlords.
 

thefool

Member
i thought a vital point of bitcoin was forgoing financial institutions

a) this is Ethereum, not Bitcoin (not that it changes a thing about whatever point you are trying to make)

b) a vital point of crypto is freedom of choice. Self-custody, p2p, using programmable smart contracts or depositing on centralized institutions is your choice to make.
 