North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them? - Ep. 789 | Unchained

This Unchained podcast episode investigates the $1.5 billion Bybit hack, attributed to the North Korean Lazarus Group. The discussion features interviews with a MetaMask security expert and a Zero Shadow investigator, detailing the hack's execution via a sophisticated social engineering attack exploiting a multi-sig wallet setup. The experts explain the low-trust environment within North Korean hacking operations and the challenges in tracing and recovering stolen funds, highlighting the use of tools like Pascal's open-source bash script to mitigate such attacks. They also discuss the ongoing laundering efforts and the need for improved security practices and industry collaboration to prevent future incidents. The episode concludes with suggestions for enhancing security measures and addressing the vulnerabilities exploited in the hack.

Outlines

Part 1: Introduction and Background

Part 2: The Bybit Hack

Part 3: Lazarus Group and Money Laundering

Part 4: Solutions and Conclusion

Sign in to continue reading, translating and more.

Open full episode in Podwise

North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them? - Ep. 789

Unchained

Part 1: Introduction and Background

Introduction: Unique Aspects of North Korean Threat Actors

Guest Introductions and Backgrounds

Part 2: The Bybit Hack

The Bybit Hack: Security Setup and the Attack

Addressing Vulnerabilities and Mitigation Strategies

Bybit's Response and Cold Wallet Security

Analysis of Bybit's Risk Management and Industry Standards

Part 3: Lazarus Group and Money Laundering

Evidence Pointing to Lazarus Group and Attribution Challenges

Lazarus Group's Operational Methods and Social Engineering Tactics

Vulnerabilities in the Crypto Industry and the Role of Security

Money Laundering Methods and the Role of Industry Partners

Part 4: Solutions and Conclusion

Proposed Solutions and the Need for Industry Collaboration

Conclusion: Prioritizing Security and Industry Collaboration

North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them? - Ep. 789

Unchained

Part 1: Introduction and Background

00:00Introduction: Unique Aspects of North Korean Threat Actors

Introduction: Unique Aspects of North Korean Threat Actors

04:28Guest Introductions and Backgrounds

Guest Introductions and Backgrounds

Part 2: The Bybit Hack

06:02The Bybit Hack: Security Setup and the Attack

The Bybit Hack: Security Setup and the Attack

16:13Addressing Vulnerabilities and Mitigation Strategies

Addressing Vulnerabilities and Mitigation Strategies

21:41Bybit's Response and Cold Wallet Security

Bybit's Response and Cold Wallet Security

24:25Analysis of Bybit's Risk Management and Industry Standards

Analysis of Bybit's Risk Management and Industry Standards

Part 3: Lazarus Group and Money Laundering

32:05Evidence Pointing to Lazarus Group and Attribution Challenges

Evidence Pointing to Lazarus Group and Attribution Challenges

42:04Lazarus Group's Operational Methods and Social Engineering Tactics

Lazarus Group's Operational Methods and Social Engineering Tactics

50:11Vulnerabilities in the Crypto Industry and the Role of Security

Vulnerabilities in the Crypto Industry and the Role of Security

1:01:02Money Laundering Methods and the Role of Industry Partners

Money Laundering Methods and the Role of Industry Partners

Part 4: Solutions and Conclusion

1:15:16Proposed Solutions and the Need for Industry Collaboration

Proposed Solutions and the Need for Industry Collaboration

1:21:08Conclusion: Prioritizing Security and Industry Collaboration

Conclusion: Prioritizing Security and Industry Collaboration