Bybit’s $1.4B breach. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 5 April 2025

⏱️ 32 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Zach Edwards from Silent Push is discussing their work on "New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks." Silent Push analysts uncovered significant infrastructure used by the Lazarus APT Group, linking them to the $1.4 billion Bybit crypto heist through the domain bybit-assessment[.]com registered just hours before the attack. The investigation revealed a pattern of test entries, VPN usage, and fake job interview scams targeting crypto users, with malware deployment tied to North Korean threat actor groups like TraderTraitor and Contagious Interview. The team also identified numerous companies being impersonated in these scams, including major crypto platforms like Coinbase, Binance, and Kraken, to alert potential victims. The research can be found here: Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.7	Is your AppSec program actually reducing risk?
0:18.0	Developers and AppSec teams drown in critical alerts, yet 95% of fixes don't reduce real risk.
0:25.6	Why? Traditional tools use generic prioritization and lack the ability to filter real threats from noise.
0:33.6	High-impact threats slip through and surface in production, costing 10 times more to fix.
0:39.9	Ox Security helps you focus on the 5% of issues that truly matter before they reach the cloud.
0:46.4	Find out what risks deserve your attention in 2025.
0:50.1	Download the application security benchmark from Ox Security.
0:54.2	Thank you. Download the application security benchmark from OX Security. Hello everyone and welcome to the CyberWires Research Saturday.
1:11.8	I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities,
1:19.7	solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.
1:25.5	Thanks for joining us.
1:38.3	This report that we did really came on the heels of the $1.4 billion by-bit hack.
1:44.6	And our team, of course, went when we saw this news, along with every other researcher in the industry,
1:49.7	we immediately said, my goodness, that's the largest heist that's ever existed in crypto.
1:54.7	Is there anything that we can see within this hack to figure out additional details or pivot into other parts of their infrastructure?
1:57.9	That's Zach Edwards, a researcher at Silent Push. The research we're discussing
2:02.4	today is titled New Lazarus Group Infrastructure, Acquires Sensitive Intel related to $1.4 billion
2:09.4	by-bit hack and past attacks.
2:16.9	And so we essentially started to immediately just look for any domains that mentioned by bit that were registered recently.
2:28.3	And so our process was rather elementary at the start of it, but almost immediately we had a hit that there was a domain by bit-assessment.com that was registered just hours before the attack supposedly occurred.
2:46.0	And so our team started looking into this domain and immediately in the Who Is Records, there was an email address exposed, which actually had been used in other Lazarus, North Korean hacker attacks in the past.
	...

Transcript will be available on the free plan in 3 days. Upgrade to see the full transcript now.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.