Taylor Monahan, a security expert at MetaMask, joins to discuss the alarming rise of North Korean hackers, particularly the notorious Lazarus group, following the historic $1.5 billion Bybit hack. They delve into the mechanics of such sophisticated attacks, highlighting social engineering tactics that prey on unsuspecting employees. Monahan shares insights on how these hackers launder stolen funds and stresses the crypto industry's urgent need for improved security measures to combat these evolving threats.
01:27:05
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
volunteer_activism ADVICE
Gnosis Safe Practices
Use Pascal's open-source tool to verify Gnosis Safe transactions before signing.
Be paranoid and investigate any errors or discrepancies to mitigate risks.
insights INSIGHT
Low Trust Laundering
North Korean hackers operate in a low-trust environment, impacting their laundering methods.
They frequently hand off funds and dust collect, unlike lone-wolf DeFi hackers.
insights INSIGHT
Speed Over Stealth
North Korean hackers prioritize speed and mitigating interception risk over concealing identity.
Unlike other hackers, they don't fear arrest, so they optimize for quick cash conversion.
Get the Snipd Podcast app to discover more snips from this episode
$1.5 billion gone in an instant. And what’s worse, to fund a nuclear weapons program.
The largest crypto hack in history just hit Bybit, and the culprit is the infamous North Korean hacking group, Lazarus. Known for some of the most sophisticated cyber heists ever, they often use social engineering tactics and start by tricking low level employees. Although they can often wait to launder funds, in the case of Bybit they started right away.
How did this happen? Could it have been prevented? And what does this mean for the security of the entire crypto industry?
Taylor Monahan, security at MetaMask, and Jonty, a senior investigator at zeroShadow, talk all about it.
Show highlights:
2:53 Taylor’s and Jonty’s backgrounds and why they are relevant to this discussion
6:06 What the mechanics of the hack were
13:03 How Lazarus usually operates and the tactic of blind signing
17:11 Jonty’s important tips for people handling large amounts of crypto
23:45 How Bybit was able to say almost immediately that their other assets were secure
29:02 How much exchanges typically hold in each cold wallet
32:00 Why the evidence of the hack points to North Korean group Lazarus
41:01 Why North Korean hackers don’t care if their attack is linked to them
49:30 How Lazarus typically social engineers its hacks
53:48 Why Jonty thinks the industry needs a serious upgrade in terms of security
58:08 How the funds get laundered in such cases and what the industry can do
1:09:54 The chances Lazarus actually makes money from the hack
1:15:34 How DeFi protocols should approach this problem
Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com
Unchained