Structural failure
Social Engineering Attack Vector
Privileged personnel targeted with high-effort phishing — bogus job offers, conference invitations, recruitment outreach — rather than direct technical exploits.
Records exhibiting this pattern
Bybit Cold-Wallet Hack — February 2025
During a routine multi-sig transfer from an Ethereum cold wallet, malicious code injected into the signing UI tricked three Bybit executives into approving the transfer of approximately 401,000 ETH to a Lazarus-controlled address — at $1.46 billion, the largest cryptocurrency theft on record.
$1.46B affectedWazirX Multi-Sig Hack — July 2024
India's largest cryptocurrency exchange lost approximately $235M from a multi-sig wallet compromise attributed to North Korea's Lazarus Group. Singapore restructuring proceedings remain open.
$235.0M affectedDMM Bitcoin Hack — May 2024
The Japanese exchange lost approximately $305M of BTC to a private-key compromise attributed by the FBI to North Korea's TraderTraitor (Lazarus). DMM covered customer balances and wound down operations in 2025.
$305.0M affectedRonin Bridge Hack — March 2022
A North Korean state actor compromised 5 of 9 validator nodes on the Ronin sidechain, draining $625 million in ETH and USDC.
$625.0M affected