The Global Story: How North Korean hackers launched history's biggest heist - Global News Podcast

Summary6 min read

Global News Podcast Summary
Episode: The Global Story: How North Korean Hackers Launched History's Biggest Heist
Release Date: March 9, 2025
Host: Valerie Sanderson
Guest: Joe Tidy, BBC Cyber Correspondent

1. Introduction to the Bybit Heist

Valerie Sanderson opens the episode by detailing a monumental cybersecurity breach that has stunned the cryptocurrency world. Last month, the cryptocurrency trading platform Bybit fell victim to what is potentially the largest heist in history. In a mere two minutes, hackers siphoned off approximately $1.46 billion worth of Ethereum from Bybit's secure cold wallets (00:34).

Notable Quote:

"It is likely the biggest heist in history. When the cryptocurrency trading platform Bybit was targeted last month, hackers managed to steal almost $1.5 billion in just two minutes." – Joe Tidy (00:34)

2. Understanding Bybit and the Nature of the Attack

Bybit, a prominent cryptocurrency exchange with around 60 million customers, facilitates the exchange of various currencies for cryptocurrencies like Bitcoin and Ethereum. The platform operates with a "hot wallet" for daily transactions and a "cold wallet" akin to a bank’s safe, storing bulk cryptocurrency offline to protect against hacks.

On the night of the attack, hackers exploited the transfer mechanism between Bybit's cold and hot wallets. By compromising an employee from SafeWallet, a company responsible for facilitating these transfers, the hackers redirected $1.46 billion worth of Ethereum to their own cryptocurrency exchange instead of Bybit's hot wallet (01:35).

Notable Quote:

"When Bybit pressed send on their computers, everything looked normal. So they pressed send on $1.46 billion worth of Ethereum. And it didn't go to the Bybit hot wallet. It went to the hackers cryptocurrency exchange." – Valerie Sanderson (01:35)

3. The Unprecedented Scale of the Heist

Joe Tidy emphasizes the unparalleled scale of this heist, surpassing previous significant cryptocurrency thefts. The most notable prior incident was the Ronin Network breach in 2022, where over $600 million were stolen, marking it one of the largest in decentralized finance (03:23). The Bybit heist dwarfs even this, establishing itself as potentially the most extensive financial theft in history.

Notable Quote:

"This is absolutely the biggest crypto theft in history... we think this is the biggest ever theft in history, full stop." – Valerie Sanderson (03:27)

4. Immediate Aftermath and Bybit’s Response

Bybit’s CEO, Ben Zhao, quickly realized the severity of the breach when notified by the security team. Initially believing it to be 30,000 Bitcoin, they were shocked to discover the total loss of 401,000 Ethereum coins. Demonstrating transparency, Zhao held a live stream to inform and reassure customers, addressing their concerns and outlining steps to recover the lost funds. Bybit successfully secured backup loans from investors and began efforts to reclaim the stolen cryptocurrency.

Notable Quote:

"I'm intending to make this live stream go a bit longer so I can answer all of our community's questions, concerns and any issues we can address." – Ben Zhao, Bybit CEO (04:20)

5. Attribution to the Lazarus Group and North Korea

Investigators swiftly identified the Lazarus Group, an elite hacking team linked to the North Korean regime, as the primary suspects behind the heist. This group has a notorious history of state-sponsored cyberattacks aimed at bolstering North Korea's economy amidst international sanctions. Their previous operations include the 2014 Sony Pictures attack, 2021 Kucoin hack, and the 2022 Ronin Network breach.

Notable Quote:

"They didn't just go after one victim; the whole cold wallet drained 401,000 Ethereum coins, $1.46 billion." – Valerie Sanderson (03:27)

Additional Quote:

"They are a very active pipeline of taking talented children who are good at maths and turning them into, you know, superb hackers." – Valerie Sanderson (19:56)

6. Methods of the Heist and Laundering Stolen Funds

The Lazarus Group employed sophisticated techniques to execute and obscure the heist. Utilizing the transparency of blockchain, they meticulously tracked and redirected funds across numerous wallets to complicate tracing efforts. The ultimate goal was to cash out the stolen cryptocurrency, converting it into fiat money. Forensic investigators like Tom Robinson of Elliptic are tirelessly monitoring these transactions to freeze assets before they vanish into less transparent avenues.

Notable Quote:

"The North Koreans are particularly good at this now. They have developed really sophisticated systems, techniques, patterns and behaviors to try and obscure the origin of that money." – Valerie Sanderson (12:29)

7. Bybit’s Innovative Recovery Efforts

In response to the breach, Bybit launched the Lazarus Bounty, an initiative encouraging global volunteers to monitor blockchain transactions and assist in freezing the stolen funds. This collaborative effort has already retrieved approximately $40 million, rewarding participants with substantial incentives. Despite recovering only a fraction of the total stolen amount, this initiative marks a significant step in combating such large-scale cyber thefts.

Notable Quote:

"They are being given money. And so far, I think the last time we looked, about 17 people had been helping. They have recovered, I think, about $40 million." – Valerie Sanderson (15:58)

8. Industry Vulnerabilities and Security Failings

The episode underscores systemic vulnerabilities within the cryptocurrency industry. Lazarus Group’s repeated breaches highlight the sector's dispersed security measures and the "move fast, break things" ethos that often compromises robust defenses. Bybit's incident, along with others like Kucoin and the Ronin Network, illustrate persistent security shortcomings that make major platforms attractive targets for sophisticated hacking groups.

Notable Quote:

"They have pivoted quite heavily from Traditional finance banks, ATMs, the Swift network, very, very heavily into cryptocurrency for a reason... showing that there are major problems in the crypto world." – Valerie Sanderson (21:04)

9. Government and International Response

Governments worldwide face significant challenges in responding to such cybercrimes. Despite clear attribution to North Korean entities like the Lazarus Group, actionable responses remain limited due to geopolitical complexities. The FBI has placed members of Lazarus Group on its Cyber Most Wanted list, but pursuing extradition or legal action against North Korean hackers is fraught with difficulties.

Notable Quote:

"Even if you manage to find out who the hackers are and you have names, addresses, photographs, how can you arrest them? Because, of course, the North Koreans don't cooperate with international requests for extraditions." – Valerie Sanderson (18:25)

10. Future Implications and Confidence in Cryptocurrency

The Bybit heist has broader implications for the cryptocurrency market. Episodes like these undermine public confidence, causing fluctuations in cryptocurrency valuations. While some argue that crypto’s decentralization is its strength, high-profile hacks expose the fragility of security within the ecosystem. Additionally, governmental proposals, such as President Trump’s suggestion of a crypto strategic reserve, indicate increasing institutional interest, albeit with heightened risks of large-scale cyber threats.

Notable Quote:

"But anytime you stockpile anything, the bigger the stockpile, the more likely you are to be at risk of hacking." – Valerie Sanderson (22:27)

Additional Quote:

"Every single time this happens, it does completely understandably knock the confidence in what is a very complicated and fast moving industry." – Valerie Sanderson (23:15)

Conclusion

The Global Story episode meticulously unpacks the audacious $1.46 billion Bybit hack, attributing it to North Korea's Lazarus Group. It highlights the evolving tactics of state-sponsored cybercriminals, the cryptocurrency industry's security inadequacies, and the complex interplay between technological innovation and vulnerability. As the crypto landscape continues to grow, the episode underscores the critical need for enhanced security measures and international cooperation to safeguard digital assets.

Links for Further Information:

Global News Podcast: BBC World Service
Bybit Official Site: Bybit
Elliptic: Elliptic
Lazarus Group Overview: FBI Lazarus Group

Loading summary

Transcript45 lines

[00:00]
Valerie Sanderson
This BBC podcast is supported by ads outside the uk.
[00:05]
Lucy Hawkings
Hello, this is the Global News Podcast from the BBC World Service. I'm Valerie Sanderson with your weekly bonus from the Global Story, which brings you a single story with depth and insight from the BBC's best journalists. There's a new episode every weekday. Just search for the Global Story wherever you get your pods and be sure to subscribe so you don't miss a single episode. Here's my colleague, Lucy Hawkings.
[00:34]
Joe Tidy
It is likely the biggest heist in history. When the cryptocurrency trading platform Bybit was targeted last month, hackers managed to steal almost $1.5 billion in just two minutes. And as a race against time began to stop the culprits cashing out, it didn't take long for fingers to point in one direction. North Korea, the secretive country has long faced allegations of state sponsored hacking via the elite Lazarus Group to prop up its ailing economy. But analysts suggest its malicious activity is on the rise. So after this latest mega theft, how are intelligence agencies fighting back? And are we more vulnerable to hackers than ever before? With me today is the BBC cyber correspondent, Joe Tidy. Hi, Joe.
[01:33]
Valerie Sanderson
Hi.
[01:34]
Joe Tidy
Talk us through what happened.
[01:36]
Valerie Sanderson
Well, it all happened on Friday night, which is normally when the hackers strike because people are off, sort of let their guard down. And what it is is this company called Bybit is a cryptocurrency exchange, Binance, a really famous coinbase. They're the kind of the biggest in the world. But Bybit is also very big, about 60 million customers. And what you do with this app is that you exchan your pounds, dollars, rupees, whatever, for Bitcoin, Ethereum, any cryptocurrencies, obviously thousands of them. And like any kind of shop or bank or business, there is a float, which Bybit has what they call a hot wallet, which is where all the money is that's coming in and going out, coming in and going out all the time. Every second money's coming in and going out. And when that float goes down, they need to get more money in. And they've got something called a cold wallet, which just imagine a giant safe in a bank. You know, you've got the ATMs running cash all day, but you need to go and get more money out of the safe. So the cold wallets are offline, they are safe from hackers. They often store a heck of a lot of cryptocurrency and they need to find a way, of course, to transfer that cryptocurrency from the Cold wallets to the hot wallets. Bybit says this happens maybe every two or three weeks. It's quite a regular thing. But the hackers decided that they would exploit the transfer mechanism that they use to get from the cold to the hot. And they hacked into the employee of a company called SafeWallet, which does those transfers. When Bybit pressed send on their computers, everything looked normal. So they pressed send on $1.46 billion worth of Etherium. And it didn't go to the Bybit hot wallet. It went to the hackers cryptocurrency exchange. Bybit disclosing on Friday that it was hacked in what could be the largest crypto heist ever.
[03:19]
Joe Tidy
So safe wallet was not so safe.
[03:21]
Valerie Sanderson
And indeed, these are the headlines we're reading now.
[03:24]
Joe Tidy
Have we seen anything, Joe, on this kind of scale before?
[03:27]
Valerie Sanderson
No. This is the biggest crypto theft in history. There have been some absolutely enormous ones before this. But the most recent record breaker was a couple of years ago, which was called the Ronin Network. More trouble in crypto. A massive security breach affecting popular NFT game Axie Infinity. And the Ronin Network hackers stole more than $600 million, making it one of the largest hacks in the history of decentralized finance. So this, you know, this is absolutely dwarfing that. And we think, we don't know for sure, but we think this is the biggest ever theft in history, full stop. So that's not just crypto. And crypto does go missing quite a lot in large chunks, but there's been no single heist this big and buy bits.
[04:13]
Joe Tidy
I mean, what a moment for them realizing what's happened. Given it initially looked like an absolutely normal transaction, how did they then respond?
[04:21]
Valerie Sanderson
Yeah, Bybit obviously absolutely stunned by this because it wasn't just that there was one person verifying the transaction. From the cold wallet to the hot wallet, there was what they call multi sig. So there were lots of people involved in this from the company, including the CEO Ben Zhao. And they looked at it and they said, yeah, that all looks good. We'll all sign that. Bish Bash bosh. Oh, dear, where has it gone? Half an hour after the transaction, the CEO said he got a phone call from his security, security guy and he knew something was wrong instantly. He said, have we been hacked? He said, yes. And they thought initially that it was about 30,000 bitcoin, which is a lot of money, millions and millions. But he said, no, Ben, I'm sorry, this is much more serious. This is the entire cold wallet drained 401,000 Ethereum coins, $1.46 billion. So then, of course, to Bybit's credit, there was this crisis situation. Is this going to cost the company? Is this going to cost customers? We've seen in the past when hacks have happened, people have lost money, individual users of that service. But Bybit, to its credit, managed to keep the communication channels open. Hello, everyone. So thank you for tuning in. Very unusually, the CEO went on a live stream on next. As all of you are aware, Bybit experienced a hack on our Ethereum code wallet and kept people informed for more than an hour about what was happening. I'm intending to make this live stream go a bit longer so I can answer all of our community's questions, concerns and any issues we can address. People were sending in questions, that kind of thing, and they managed to get some backup loans from all their investors and everything like that. And they've managed to already recover in the sense of they kind of. They bought back the Ethereum that they lost and now there's this massive hunt to try and get some of the money back from the hackers who are trying to launder it through the Bitcoin network. But it showed to me just how much money there is in cryptocurrency right now. When a company can lose $1.46 billion and then within a couple of days get back on an even kill, it's absolutely insane.
[06:22]
Joe Tidy
And I'm sure one of the questions that people were asking the Bybit CEO straight away is, who's responsible for this? How quickly did the evidence start to point in one particular direction?
[06:32]
Valerie Sanderson
Very quickly. Almost instantly we saw the money didn't just go to a hacker's wallet, it went to wallets that are linked to North Korea, the Lazarus Group in particular, which are a infamous hacking team that is run by and sponsored and tasked by the North Korean regime. They've never admitted this, of course, but it's been going now for at least 10 years. And they've been responsible for some of the biggest crypto thefts. Well, all of the biggest crypto thefts in history. The one I mentioned a little While ago, the $600 million one in 2022, that was the Lazarus Group. I've got a list here because I can't remember them all. So we go back to 2016, when they attacked Bangladesh bank and tried to make off with a billion dollars. They didn't. They only made off of 81 million. The $81 million money laundering scandal is now considered one of the biggest bank heists in Asia. But how exactly did thieves steal such a huge amount of money? So not a bad payday, but not as good as they wanted. They have done lots of ATM attacks where they get ATMs to spit out money all over the world and they can cash in and get the money back to North Korea. There was an attack on a crypto exchange called Kucoin in 2021, and that was $275 million stolen initially. Most of it was recovered. 2022, that was the Ronan Bridge $600 million attack. And there's also been other attacks that have been linked to the Lazarus Group that are more kind of espionage based. The FBI is investigating that destructive cyber attack at Sony Pictures. The bureau is now warning other companies they could be next.
[08:06]
Joe Tidy
Sony Pictures.
[08:07]
Valerie Sanderson
Sony Pictures was. Yeah, that's the big one. 2014. Sources say the cyber attack on Sony Pictures used an especially aggressive malware capable of erasing hard drives and crashing computer networks. Hackers, calling themselves the Guardians of Peace, stole the personal information of more than 6,000 Sony employees. The history there, of course, is absolutely fascinating in that there was a film that was created by Seth Rogen and James Franco. The interview is what it was called, all fictional, all satire, all comedy. But it was about essentially those two actors or their characters going to North Korea to do an interview with Kim Jong Un and being tasked with his assassination. And of course, the North Koreans did not like this one bit, and they hacked Sony Pictures and caused a huge amount of financial damage to that company in response. Then there was another one in 2017, which was a kind of out of control crypto worm. All of these things are very, very unusual in terms of cyber capabilities for a country because normally every country has a hacking group hacking team. Normally it's about espionage, power exertion, sometimes intellectual property theft. But North Korea is the only country that has so heavily gone down, especially in the last five years, the route of financial gain.
[09:26]
Joe Tidy
So there is a proven link between the Lazarus Group and the North Korean government.
[09:31]
Valerie Sanderson
Yes, this has been allegation for many, many years now by the West. So much so that the FBI has released not only names, but pictures of the North Korean hackers that they think and they say are responsible for being part of Lazarus Group. The regime has never admitted this, of course, but no country ever admits that it hacks. And certainly the latest hack, this Bybit 1.46 billion history making hack, straight away, people said, well, look at the method here that was used. And then more importantly, look at where the money's going. And what's happening to it afterwards? Because with cryptocurrency, as we know, every single time any money is transferred from one person to the next, you can see it on the blockchain. There's a record of it forever. And straight away people looked at this and said, ah, this looks like Lazarus, the pattern. Yeah, exactly.
[10:19]
Joe Tidy
So we've looked at what happened and who is behind it. Next. How is the world responding to history's biggest heist? And are we more vulnerable to hackers than ever before? Hi, this is Jenny Garth from I Do Part two. Who do you know on Ozempic or Semaglutide right now? Everyone. Right, these game changing. Weight loss meds are everywhere and Future Health makes it easy to get started. Find out if weight loss meds are right for you in just three minutes at tryfh.com tryfh.com FutureHealth is not a healthcare services provider. Meds are prescribed at providers discretion. Results may vary. Sponsored by futurehealth. This is the global story. We bring you one big international story in detail, five days a week. Follow or subscribe, wherever you listen. With me is our cyber correspondent, Joe Tidy. Joe, these funds, can they be tracked?
[11:24]
Valerie Sanderson
Yeah, that's the incredible thing. Because of course, every time anyone does anything in cryptocurrency, it's all on the blockchain, which is the thing that underpins this brand new type of money. If I sent you some bitcoin, for example, from my wallet to your wallet, it would be shown there would be a random jumble of numbers, which is my wallet. A random jumble of numbers and letters. Your wallet. And you can see that bitcoin went there. So straight away the Incredible thing was 1.46 billion. Where's it gone? Oh, it's gone there. You can see where it's gone, but it's gone to the wrong place. So then of course you've got crypto sleuths around the world who are watching the money being split up into thousands of different amounts across different wallets around the cryptocurrency system and then funneled through various different systems. Because the difficulty of course, for the North Koreans is, or any hacker stealing cryptocurrency is how do you get it into cash? Because that huge amount of money is fine if you want to invest in cryptocurrency or if you live in a country where cryptocurrency can be spent on things, but actually, really, you need cold hard cash.
[12:29]
Joe Tidy
And the ultimate aim is to cash out.
[12:31]
Valerie Sanderson
Absolutely. And that is the difficulty because Everything's being watched. And there are dedicated companies now, forensic crypto investigators, who are following this money, going around the blockchain, and they've been doing it for years. And one of them, I spoke to him, he's the founder of one called Elliptic, and it's Tom Robinson, and he said that this is a full time job watching that money move around the blockchain. So what we're looking at is the transactions made by the launderers after they'd stolen this $1.46 billion from Bybit. And you can see the funds subsequently being fanned out across very many different transactions to confuse the money trail, make it more difficult to follow the funds. And what they're really trying to do here is to slow down the tracing of these funds, because every minute really matters here. So the North Koreans and other hackers as well, but the North Koreans are particularly good at this now. They have developed really sophisticated systems, techniques, patterns and behaviors to try and obscure the origin of that money so that when it goes to an exchange, we can exchange it for real money. Then they can get away with it, essentially. The amazing thing about cryptocurrency is that it's pseudo anonymous. So you can track it and you can see it and you can find out where it's from and where it's going to, but you don't know who owns it. If it was traditional banking and I stole 1.46 billion from a bank, straight away I have to send to another bank, and that bank has my name, my address, it can freeze the funds, it can recover it. With crypto, you can just watch this money bouncing around, and until it hits a legitimate company that has some sort of control, there's nothing you can do.
[14:11]
Joe Tidy
Is there any way to reverse this hack, Joe?
[14:14]
Valerie Sanderson
No. It's torture for the blockchain watchers here and the authorities, because they can see it all there. All the money's still there until it, what we call, goes dark, which means that they cannot see it anymore. It's all on the blockchain. And the company Bybit just sits there and watches their money being shoved around the blockchain. Nothing they can do. The only thing that is possible is that when that some of that money hits another exchange, then they can say to that exchange, oh, please, freeze that. We think it's come from the Bybit hack. And if that cryptocurrency exchange is legitimate and is mainstream enough, then they will comply. But there are, of course, lots of exchanges that aren't.
[14:55]
Joe Tidy
Is there a way then that Bybit can get these funds back.
[14:58]
Valerie Sanderson
Yeah. When they do hit an organization that cooperates, they are able to freeze it. And what's amazing about this current situation is not only is it the biggest crypto heist ever, but Bybit is so angry about this, as you would be, that they have started a really unique project called the Lazarus Bounty. They've said, we are waging war on the Lazarus Group. And what they're asking people around the world to do, volunteers, is to watch the blockchain and try and track some of the money from the hack. If they can get it frozen, then these volunteers are being given money. And so far, I think the last time we looked, about 17 people had been helping. They are confirmed to have, you know, done some really good work on tracking the money. And they've recovered, I think, about $40 million, which is a decent chunk of money. Obviously, doesn't really make a dent in the 1.46 billion, but they're also being awarded that money. So $4.5 million has so far been given to volunteers who are tracking the money, going through the system, and helping. And I spoke to one of them, and he's been given $150,000 already. So not a bad day's work, really.
[15:59]
Joe Tidy
That's not bad. I guess. Bybit are also angry at these exchanges that are failing to block the funds as well, which have been flagged.
[16:06]
Valerie Sanderson
Yeah. And they've got on the website, there's this live tracker of they're calling the good actors. So the good people out there who are stopping and helping. And then they had the word bad actors, but they've changed that now to alert actors, because I think they want careful not to upset anybody. But the one, there's only one company name on that alert or bad actors list, and that's a company called Exch, which is this fascinating company that operates in a real kind of gray zone of cryptocurrency. They are a non KYC crypto exchange, which means that they don't comply with the usual KYC know your customer rules that every other legitimate one does. So if you today wanted to go and join up to a cryptocurrency exchange, Bybit, Binance, whatever, you have to give them your passport, you have to do face id, you have to have an email address in order for them to make sure that you're not a criminal or whatever, whereas Exch believes in the anonymity and the privacy of cryptocurrency, these sort of foundational tenets of this technology. So they don't want to do any of that. They don't agree with any KYC stuff and they have not stopped the money going through. So we know that about $94 million so far of the Bybit hack has been funneled through Exch, been waved on through as if it's anything, you know, whatever, because they didn't stop it. And I spoke to the founder of Exch, who is an Austrian man. He's currently apparently doing some sort of conservation exercise in the middle of the Pacific on Howland Island. So he can't talk to me or do an interview, which is a shame. But he said that, yes, we did allow the money to go through, but that's because we believe in the anonymity and protections of cryptocurrency, but also because we're having a row with Bybit and we're in a bit of a hoo ha with them. So there's this amazing sort of like you've got on one hand the cryptocurrency industry rallying around Bybit and going against Lazarus Group, trying to get some of this money stopped. And then you've got this fracture which has been exposed in the cryptocurrency industry where you've got the sort of like the old school versus the new school.
[18:14]
Joe Tidy
So here we have potentially the biggest heist ever. All the kind of fingers are pointing at the Lazarus groove. If you're a government around the world, what can you do? What are they doing?
[18:25]
Valerie Sanderson
Not very much. It's difficult because even if you manage to find out who the hackers are and you have names, addresses, photographs, how can you arrest them? Because, of course, the North Koreans don't cooperate with international requests for extraditions, that kind of thing. So we have seen in the past, Lazarus Group is so prolific and infamous now that the FBI has on their Cyber Most Wanted list, which is updated all the time with new names of people that they want to get most wanted in the world. They have now a couple of these guys from Lazarus Group, which they put on 2020 again, names, addresses, what else can you do, really? I mean, that's pretty much it. The incredible thing about the North Korean regime is cybercrime is a part of the economy now. They just accept that as being a way to bring money in because, of course, they're so heavily sanctioned by the international community. They're very poor country, haven't got much natural resources. I spoke to one cyber security expert called Dr. Dorit Dor from Checkpoint, and she said that this is really an industry for the country.
[19:26]
Joe Tidy
Now, they don't have their own internal resources. They are a very close system, very closed economy. They don't have a successful industry for anything. So they. They created a successful industry for hacking. And they don't care about the negative impression of cybercrime.
[19:45]
Valerie Sanderson
This is a way to get around the sanctions.
[19:46]
Joe Tidy
And presumably the Lazarus Group, it makes it sound as if they're just a group of people sitting in a building somewhere in Pyongyang, but that's not how it works. Right. They work in clusters in different places.
[19:57]
Valerie Sanderson
Yeah. And there's a lot of them as well. The North Koreans are thought to have a very active pipeline of taking talented children who are good at maths and turning them into, you know, superb hackers. And you've got the sort of. The two elements, really, you've got in hotels in China and in Pyongyang, you've got armies of very, very sophisticated hackers because this, this stuff takes a long time to plan, to execute. When you look at what they did with the 1.46 billion bybit hack, it is remarkable the amount of steps you would have to take to pull that off. So you've got that element that requires very talented manpower. But the laundering as well, that's thought to be. We're talking about a whole office filled with people who are tasked with trying to launder the money, because it's a race against time to get the money out. I was speaking to an expert yesterday who said that the only time that the laundering doesn't happen is between the hours of 3am and 7am, because they're working in shifts and they're working around the clock, and they're trying to get the money out as quickly as they can.
[20:55]
Joe Tidy
The fact that this was so big and so complex and seemingly, at the moment, successful, does that also show, Joe, just how vulnerable we are at the moment?
[21:05]
Valerie Sanderson
I wouldn't say we are as in the general public. I would say the Lazarus Group has exposed security failings in the cryptocurrency industry time and time again. I mentioned in my list there, you've got Kucoin, Ronin Network, Nowthis. There are others as well. They have pivoted quite heavily from Traditional finance banks, ATMs, the Swift network, very, very heavily into cryptocurrency for a reason. And that's because the cryptocurrency industry is very dispersed in its security, young, move fast, break things, that kind of attitude. And they are showing that there are major problems in the crypto world.
[21:43]
Joe Tidy
Like every conversation at the moment, it feels like we can somehow pivot back to President Trump. So I'm going to do that, because everybody also knows how much the President loves crypto. Okay, let's catch up on the latest from the White House over the weekend. President Trump says that the US Will move forward with what he calls a crypto strategic reserve. Now, this is a shift in language from what was previously being referred to as a stockpile. This afternoon, I'm laying out my plan.
[22:09]
Valerie Sanderson
To ensure that the United States will be the crypto capital of the the.
[22:14]
Joe Tidy
Planet and the bitcoin superpower of the world. And we'll get it done. And he's announced perhaps the creation of what he's saying will be a crypto reserve. What would that mean, Joe? And would that put federal money at risk?
[22:27]
Valerie Sanderson
Yes, for sure. The crypto strategic reserve is an idea that was laughed at a few years ago. But then El Salvador President Bukele started one, a big crypto bitcoin fan. And it's proven to be very profitable because if you buy low and the coins keep going up, then it's like gold, isn't it? People say that bitcoin, for example, is the new gold. That I think, is the thinking behind the strategic reserve idea. But anytime you stockpile anything, the bigger the stockpile, the more likely you are to be at risk of hacking. I would be terrified if I was in charge of securing what's going to be probably, if they go through with it in America, the largest reserve of cryptocurrency in history. We're talking hundreds of billions of dollars potentially.
[23:10]
Joe Tidy
But surely a hack like this also impacts how people feel about crypto and how confident they feel about it.
[23:15]
Valerie Sanderson
Yeah, I think if you look at the price of crypto and bitcoin, sort of the green squiggly line of bitcoin value that is the barometer of the health and confidence in the crypto world. And after this Bybit hack, it took a dip. Other things happened as well. But that seems to be the kind of the reason it went from, I think it was like $96,000 per coin to about 83 or something like that. It's sort of like coming back up a bit. But every single time this happens, it does completely understandably knock the confidence in what is a very complicated and fast moving industry. And one of the things about crypto, which people say is a real bonus, is that you can become your own bank. But it's a frightening prospect when you know there are people out there who are willing to go to extreme lengths to hack you.
[24:02]
Joe Tidy
Thanks so much, Jo.
[24:03]
Valerie Sanderson
Thank you.
[24:06]
Lucy Hawkings
If you enjoyed listening to the Global Story and would like to hear more, there's a new episode every weekday. Just search for the Global Story wherever you get your BBC podcasts and be sure to click subscribe or follow. We'll have another edition of the Global News Podcast later. Until then, bye.