The FBI has officially identified the North Korean government as the entity responsible for the staggering $1.4 billion Ethereum theft from the cryptocurrency exchange Bybit. The bureau confirmed the attribution in a formal public advisory issued on Wednesday, linking the sophisticated breach to the notorious cybercriminal collective known as TraderTraitor.
The Mechanics of the Multi-Billion Dollar Attack
The incident, which first came to light on February 21, saw attackers siphon off 401,346 Ethereum, valued at approximately $1.4 billion at the time of the breach. Following the initial discovery, various security firms and blockchain researchers pointed to state-sponsored actors from North Korea, a theory now validated by federal investigators.
According to the official FBI advisory, the perpetrators are moving with significant speed to obscure the trail of the stolen funds. The bureau noted that the TraderTraitor actors have already begun converting the pilfered Ethereum into Bitcoin and other virtual assets.
Laundering Tactics and Asset Dispersion
The stolen capital is currently being fragmented across thousands of unique addresses spanning multiple blockchains. Federal authorities warn that this is a deliberate strategy to complicate tracking efforts, with the ultimate goal of laundering the assets through various mixers before converting them into fiat currency.
Bybit’s Response and Bounty Program
In the wake of the heist, Bybit has taken aggressive measures to recover the lost funds. The exchange has launched a massive $140 million bounty program, incentivizing security researchers and intelligence experts to assist in tracing the movement of the stolen Ethereum and identifying opportunities to freeze the assets before they can be fully liquidated.