Top crypto companies infiltrated by cyberattacks orchestrated by North Korean hackers, as revealed by Changpeng Zhao
In the dynamic world of cryptocurrency, a series of high-profile hacks have raised concerns about security and privacy. The latest in this string of incidents involved the breach of Bybit, a leading cryptocurrency exchange, which saw the theft of an estimated $1.5 billion worth of digital assets. This incident, according to data from Chainalysis, has contributed significantly to the staggering $2.17 billion in crypto stolen so far.
Another major player in the industry, Coinbase, is suspected to have suffered a breach. Changpeng Zhao, the CEO of Binance, suggested that a major U.S. exchange, possibly Coinbase, experienced a loss of over $400 million in user assets. Last weekend, some Coinbase users received security alerts, warning that their personal information may have been improperly accessed.
The breach at Bybit and the suspected incident at Coinbase are not isolated cases. North Korean hackers have been using social engineering tactics to infiltrate cryptocurrency companies. They create fake job offers via LinkedIn or Telegram, posing as recruiters to gain the trust of employees and users. By doing so, they have been able to steal digital assets, with reported losses totalling over $1.34 billion. Groups like Lazarus and Famous Chollima have employed these tactics to secure jobs under false identities, infiltrate organizations, and deploy malware or conduct fraud.
The breach at Bybit occurred in May 2025 and involved customer service employees in India who were bribed for unauthorized access. The hack resulted in the theft of personal information, including names, birth dates, addresses, nationalities, government identification numbers, banking information, and account information.
These incidents highlight the need for increased security measures in the cryptocurrency industry. As the use of digital assets continues to grow, so too does the attractiveness of these platforms to hackers. It is crucial for exchanges and users alike to prioritise security to protect their assets and personal information.
Read also:
- Strategies for Adhering to KYC/AML Regulations in India, a Leading Fintech Center (2024)
- Updated Framework for NIST Cybersecurity: Comprehensive Insight into the Latest Version
- Insecure coding practices permeate numerous businesses, potentially leading to significant future difficulties in ensuring system safety.
- NSA's Focused Surveillance on Three Areas of Generative AI in Cybersecurity Domain
