Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist
Briefly

Safe{Wallet} disclosed that the recent $1.5 billion theft from Bybit is attributed to a highly advanced, state-sponsored cyber attack by North Korean actors. The attack employed tactics such as compromising a developer's laptop and hijacking AWS session tokens. The compromise was facilitated by a social engineering attack involving a Docker project. To obstruct investigations, the attackers erased traces of their malware and logs of their overall activity. Safe{Wallet} has engaged Google Cloud Mandiant for a deeper forensic examination of the methods and implications of this breach.
The attack involved compromising a developer's laptop and hijacking AWS session tokens, indicating a thorough state-sponsored effort by threat actors to infiltrate and exploit the system.
TraderTraitor, a hacking group linked to North Korea, executed a sophisticated state-sponsored attack that erased traces of its activities, complicating investigation processes.
This security breach at Safe{Wallet} showcases a multi-layered threat in which social engineering was combined with advanced malware tactics to gain unauthorized access.
Safe{Wallet} collaborates with Google Cloud Mandiant for forensic analysis, asserting the necessity of thorough investigations in the face of increasingly complex cyber attacks.
Read at The Hacker News