Key Takeaways
- The SBI hack was a roughly $21 million multi-currency theft of Bitcoin (BTC), Ethereum (ETH), Litecoin (LTC), Dogecoin (DOGE), and Bitcoin Cash (BCH) from the mining pool operated by SBI Crypto.
- Blockchain investigator ZachXBT and the security firm Cyvers flagged the outflows, noting tactical similarities to previous attacks attributed to North Korea’s state-sponsored Lazarus Group.
- SBI Group, one of the largest financial services companies in Japan, has not yet publicly acknowledged the security breach or the missing funds.
A Major Crypto Heist Targets Japanese Giant
The crypto community has been shaken once again by a major security breach, as the SBI hack targets the mining pool of Japanese financial titan SBI Holdings. On September 24, blockchain investigator ZachXBT and security firm Cyvers uncovered around $21 million in suspicious outflows from addresses affiliated with SBI Crypto. The stolen funds, a diversified portfolio of major cryptocurrencies, were quickly pushed through instant exchanges and then into the mixing service Tornado Cash. Because Tornado Cash operates on Ethereum rather than on the Bitcoin, Litecoin, Dogecoin or Bitcoin Cash networks, the non-ETH assets had to be swapped into ETH before they could be mixed, which is exactly the role the instant exchanges played in the laundering chain. Swap-then-mix is a classic obfuscation sequence used by sophisticated attackers to break the on-chain trail.
The North Korean Connection
So far, investigators suspect that the SBI hack bears the fingerprints of North Korean state-sponsored hackers, specifically the infamous Lazarus Group, which has been linked to numerous hacks and cyberattacks since at least 2014.
The attack pattern, draining funds across several blockchains and immediately routing them through mixers to launder the proceeds, matches previous exploits attributed to the Democratic People’s Republic of Korea (DPRK). This elevates the incident from a simple crime to a matter of international cybersecurity, underscoring how some nation-states methodically target crypto infrastructure to raise funds, in the DPRK’s case to finance activities that sanctions monitors have widely assessed to include its weapons programs.
Silence and Remaining Questions
Even a week after the alleged SBI hack, SBI Holdings had neither commented publicly on the matter nor notified its mining pool members. The lack of transparency is worrying, especially for pool participants who do not know whether their payouts are affected, and it leaves open questions about the company’s operational security. The incident sends a clear message: even the most established traditional finance (TradFi) firms entering the crypto industry are exposed to highly resourced, persistent adversaries, which makes robust, enterprise-grade security an urgent requirement rather than an option.
FAQs
What was stolen in the SBI hack?
Hackers drained a mix of cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), Litecoin (LTC), Dogecoin (DOGE), and Bitcoin Cash (BCH), worth around $21 million.
Who is suspected of being behind the attack?
Blockchain investigator ZachXBT and security firm Cyvers suspect the North Korean Lazarus Group is involved, based on the attack’s methodology: a multi-chain drain followed by rapid swapping and mixing through Tornado Cash.
Has SBI Group made a statement acknowledging the breach?
To date, SBI Holdings has not publicly acknowledged or commented on the alleged breach.