North Korean hackers may be behind $70 million theft from Phemex

Several blockchain security experts have analyzed that North Korean hackers may be behind the theft of more than $70 million from the crypto exchange Phemex. The Singapore-based exchange was hacked on Thursday and subsequently announced a suspension of withdrawals after multiple blockchain security companies reported suspicious activity to it. At the time, about $30 million in funds had been stolen, but the attack appears to be continuing and more tokens have been stolen. The attack seems to follow a similar threat pattern that has occurred when other well-known crypto exchanges have been hacked. Taylor Monahan, lead security researcher at MetaMask, said: "In this incident, a large number of different assets were siphoned off multiple chains at the same time. These tokens were then immediately exchanged for native assets of the chain, starting with freezable stablecoins and then proceeding one by one in order of value. As with many attacks, the attackers appear to have targeted large assets first and then began to target less well-known tokens. All of this activity occurred simultaneously, but they were not scripted. Assets were manually sent to new addresses for exchange, and once completed, they were passed to another new address. These assets then remained until the real money laundering team took them away next week or next month." Due to the large number of transactions and the wide range of targeted blockchains, Monahan said that this attack was likely the work of "a group of threat actors who have committed crimes many times." (The Block)