How Tricky Minds Stole Billions in Cryptocurrency
An Invisible Threat
In the world of cryptocurrency, keeping your money safe is super important. But even the strongest security systems can be fooled by something called social engineering. Recently, a huge cryptocurrency heist happened, and it shows how sneaky these tricks can be.
A Billion-Dollar Heist
On February 21, 2025, a big cryptocurrency exchange called Bybit had a massive problem. Hackers stole about $1.5 billion worth of Ethereum tokens![3][5] This wasn’t just a random hack; it was a clever plan involving social engineering and attacking the supply chain. The hackers were from North Korea, part of a group called Lazarus.[3][5]
Tricking People: Social Engineering
Social engineering is when hackers trick people into giving away important information or doing something that makes the system less safe. In the Bybit hack, the hackers fooled someone at a company called Safe{Wallet}, which Bybit uses to keep its money safe.[3] They might have used special tricks called zero-day exploits to do this.[3]
Attacking the Supply Chain
The hackers found a way to change a small part of Safe{Wallet}’s system. They replaced a harmless JavaScript file with a bad one that would only start working when Bybit tried to move its money.[3] This is like hiding a secret trap that only goes off when you least expect it!
North Korean Hackers: The Suspects
North Korean hackers, especially the Lazarus Group, have done many big cryptocurrency heists. They often use tricks like phishing, social engineering, and attacking the supply chain.[3][5] The Bybit hack is just one part of a bigger pattern of North Korea’s cyber attacks, which have stolen over $5 billion in cryptocurrency since 2017![5]
Hiding the Money Trail
After the hack, the stolen money was quickly moved around to different blockchains, decentralized exchanges, and cross-chain bridges.[5] This makes it really hard to track the money, like trying to find a single thread in a big, tangled ball of yarn![5]
What We Can Learn
The Bybit hack shows us that we need to be extra careful with social engineering and supply chain attacks in the world of cryptocurrency. We need to make our security better, teach people how to spot tricks, and always be ready to adapt to new threats.[3][5]
—
Sources:
– thehackernews.com
– trmlabs.com
