North Korean hackers may begin targeting larger objectives, including U.S.-based Bitcoin exchange-traded funds (ETFs).
The Lazarus Group, the infamous North Korean hackers associated with some of the most notorious hacks in the cryptocurrency space â including the biggest hack in decentralized finance (DeFi), the $625 million Ronin bridge hack â could be targeting US Bitcoin ETFs.
Hackers could start shifting their attention to the US Bitcoin ETFs due to the sizable potential bounty, according to Michael Pearl, the vice president of GTM strategy at Cyvers.
The onchain security expert told Cointelegraph in an exclusive:
âOnly recently the FBI has issued a warning that North Korean hackers are going to try to infiltrate and steal money from ETFs. So all those ETFs are storing the base Bitcoin somewhere. And you can be certain that somebody is already planning and thinking of how they're going to steal it.â
Cyversâ Michael Pearl, interview with Cointelegraphâs Zoltan Vardai, clip 1
The Bitcoin ETFs could represent a potential lucrative bounty for North Korean hackers, considering that the US ETFs hold a cumulative $52.1 billion worth of Bitcoin (BTC) in onchain holdings, according to Dune data.
US Bitcoin ETFs. Onchain holdings. Source: Dune
Bitcoin ETF vulnerabilities could invite more stringent crypto regulation
North Korean hackers targeting the infrastructure surrounding Bitcoin ETFs present alarming risks and potential challenges for the industry.
Itâs not only the ETF providers that may be targeted but also all related companies, warned Cyversâ Pearl:
âIt's not only the ETF providers, it's also the periphery, all the adjacent companies that are working with them⊠[ETF vulnerabilities] are something we need to address very fast because if not, weâre going to see mega hacks.â
Cyversâ Michael Pearl, interview with Cointelegraphâs Zoltan Vardai, clip 2
According to Pearl, a potential Bitcoin ETF âmega hackâ could invite more stringent regulatory attention in the US, which could inspire stricter regulations in other jurisdictions.
Institutions became more aware of cybersecurity following the WazirX hack
The crypto industry is still recovering from the $230 million WazirX hack, which occurred in July, as the second-largest crypto hack of 2024 so far.
Yet, the $230 million hack also had a silver lining: It raised institutional awareness of the importance of cybersecurity.
Pearl explained:
âThe WazirX case brought many institutional bodies like hedge funds and ETF issuers, that are interested in [security]. It actually raised awareness. Too bad it had to cost $230 million.â
Cyversâ algorithms discovered the malicious smart contract that caused the $230 million hack eight days before the incident, which may have saved the Indian exchange from the hack, claimed Pearl.
$3 billion stolen in hacks â Why are crypto crimes surging? Source: YouTube
Magazine: 2 auditors miss $27M Penpie flaw, Pythiaâs âclaim rewardsâ bug: Crypto-Sec