A major security breach that allowed hackers to steal an estimated $1.5bn (£1.1bn) of cryptocurrency has been linked to a North Korean cybercrime group, according to experts.

The Dubai-based exchange Bybit was targeted on 21 February with analysts at Elliptic reporting malware was used to approve transactions that sent the funds to the thief.

The British blockchain analytics firm is blaming North Korea’s Lazarus Group based on various factors, including an assessment of how the crypto assets were laundered.

It claims North Korea-linked hackers have stolen over $6bn (£4.7bn) in crypto assets since 2017, with the proceeds reportedly spent on the country’s ballistic missile program.

Bybit’s CEO Ben Zhou has insisted his firm is solvent and can cover the loss. But on Wednesday it had managed to trace only a tiny fraction of what was stolen.

The exchange has now created a $140m (£100m) ‘bounty’ – amounting to around 10% of the stolen crypto – to reward those who successfully track and freeze stolen funds.

The reward will be split between the organisation which successfully freezes the assets and those who help trace them.

The price of Bitcoin and other cryptocurrencies have recently fallen sharply after the hack, erasing some of the gains made since Donald Trump took office on a pro-crypto agenda.

Although cryptocurrency is highly volatile, even with Tuesday’s drop Bitcoin is still up significantly since Mr Trump won last year’s election.

According to blockchain analysis firm Chainalysis, theft of crypto assets peaked in 2022 with $3.7bn (£2.9bn) stolen, falling to $1.8bn (£1.4bn) in 2023, and $2.2bn (£1.7bn) in 2024. It says the number of hacking incidents has also been on the rise.

Read more from Sky News:
Trump shares AI video of Gaza vision
Can Ukraine ‘pay back’ US for arms?

The company said North Korea-linked hacking organisations such as Kimsuky and Lazarus Group have a large part to play, amounting to one in five of all hacks in 2024.

It said North Korean groups stole approximately $660m (£521m) across 20 incidents in 2023, rising last year to $1.34bn (£1bn) across 47 incidents.

Chainalysis claims North Korea is “notorious for their sophisticated and relentless tradecraft, often employing advanced malware, social engineering, and cryptocurrency theft to fund state-sponsored operations and circumvent international sanctions”.

North Korea routinely denies involvement in cyber hacking or crypto heists.

Here is a list of the biggest crypto hacks, prior to Bybit being targeted, according to Chainalysis:

$625m Ronin Network
In March 2022 Lazarus Group reportedly targeted the network that supports the popular Axie Infinity blockchain gaming platform

$611m Poly Network
In August 2021, a lone hacker exploited a vulnerability in the Poly Network decentralized finance platform

$569m Binance BNB Bridge
The Binance exchange was hacked in October 2022. A cross-chain bridge, BSC Token Hub, was exploited by hackers

$532m Coincheck
In January 2018, the Japanese exchange Coincheck suffered a theft of NEM coins

$477m FTX
In November 2022, thieves stole from FTX’s crypto wallets. It was later reported hackers gained access to an FTX employee’s accounts

$473m Mt Gox
One of the first major crypto hacks happened in 2011 when the crypto exchange Mt Gox was targeted and lost 25,000 Bitcoin