SBI Crypto, a Japanese mining pool operator, has experienced a theft of $21 million, with investigators linking the incident to attackers from North Korea.
On October 1, blockchain analyst ZachXBT reported suspicious outflows from the company involving multiple cryptocurrencies, including Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash.
His investigation revealed that the stolen funds were swiftly transmitted through five instant exchanges before being funneled into Tornado Cash, a service frequently utilized to mask digital asset transactions.
Despite the severity of this breach, SBI Crypto has not yet issued an official statement regarding the attack.
Link to North Korea
ZachXBT has attributed the attack to North Korean-affiliated hackers.
In recent years, North Korean cybercriminals have ramped up their efforts targeting cryptocurrency-related operations as sanctions limit the regime’s access to conventional financial networks.
This approach has had significant global repercussions; this year, DPRK-backed hackers have reportedly stolen over $1.8 billion from crypto markets, including attacks on prominent platforms like Bybit, DMM Bitcoin, and WazirX.
This figure surpasses the $1.3 billion attributed to these attackers the previous year, emphasizing their increasing dependence on blockchain-oriented thefts as revenue sources.
SBI Crypto’s Market Standing
SBI Crypto is part of SBI Group, Japan’s largest digital asset conglomerate.
Statistics from MiningPoolStats place it as the 12th largest Bitcoin mining pool, operating with around 20 EH/s in hash power. Records indicate it mined a block less than a day before the breach was revealed.

The company also has a notable presence on the Bitcoin Cash network, where it accounts for more than 21% of the network's computing power with 900.67 PH/s. Blocks were last mined on this chain just hours prior to the incident.
Additionally, it runs a smaller mining operation on Litecoin with 3.92 TH/s, where it found a block two days ago.