The Taiwanese crypto exchange BitoPro was hacked by North Korean Lazarus group resulting in an $11 million theft during a system update. The attack involved social engineering, malware, and AWS session hijacking, highlighting Lazarusβs ongoing focus on cryptocurrency targets. #LazarusGroup #CryptoHeist
Keypoints
- BitoPro suffered an $11 million theft during a hot wallet system update on May 8, 2025.
- The attack was attributed to North Korean Lazarus group based on evidence and pattern analysis.
- Hackers used social engineering, malware infection, and AWS session hijacking to access the system.
- The stolen funds were laundered through DEXs and mixers such as Tornado Cash and Wasabi Wallet.
- BitoPro responded by shutting down the hot wallets, rotating cryptographic keys, and involving authorities and cybersecurity experts.