Taiwan’s BitoPro exchange confirmed a major breach that led to $11 million in stolen cryptocurrency, blaming North Korea’s Lazarus Group.

🕵️ How it happened:

• Attack occurred during a hot wallet system update on May 8, 2025.
• Hackers exploited an employee’s infected cloud operations device, stealing AWS session tokens to bypass MFA.
• Crypto was drained across Ethereum, Solana, Tron, and Polygon.
• Stolen funds were funneled through mixers like Tornado Cash, ThorChain, and Wasabi Wallet.

🔒 Damage control:

• Hot wallet systems were shut down and keys rotated.
• Impacted wallets were replenished from reserves.
• Public confirmation came weeks later, on June 2, with the full investigation ending June 11.

📉 BitoPro, with over 800,000 users and ~$30M daily volume, says no insiders were involved, despite social engineering and malware implant tactics.

🎯 Lazarus Group, backed by North Korea, is already linked to past billion-dollar thefts—including the $1.5B Bybit hack—and continues targeting crypto infrastructure worldwide.