(San Francisco) A North Korean-linked hacker group is responsible for the theft of $620 million in cryptocurrency that followed the Axie Infinity video game hack in late March, US authorities said Thursday.
Posted at 6:44 p.m.
“Through our investigation, we were able to confirm that the Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft of $620 million in ethereum reported on March 29,” the FBI said in a statement. a statement.
The Ronin network, used for the online game Axie Infinity, had been the victim of one of the biggest computer attacks involving cryptocurrencies.
Axie Infinity is a blockchain-based game, a decentralized digital ledger that cannot be changed. It allows you to earn money in the form of NFTs, digital tokens.
Created in 2018 by Sky Mavis, a firm based in Vietnam, the game has exploded in developing countries. Around 35% of traffic and the majority of the 2.5 million daily active players are based in the Philippines.
The cyberattack on Axie Infinity saw hackers exploiting weaknesses in the structure put in place by Sky Mavis.
The firm thus used a so-called “lateral” blockchain to ethereum, which allows it to manage its own system of internal transactions, without resorting to ethereum for each of them. The system was thus faster and cheaper, but less secure.
It is this side system that has been hacked, allowing hackers to appropriate the amounts raised by players.
According to a 2020 U.S. military report, North Korea’s cyber warfare unit, “Office 121,” has 6,000 members who also operate from overseas, including Belarus, China, India, from Malaysia or Russia.
John Bambenek, a threat hunter at Netenrich, a computer security firm, says the fact that North Korea has groups dedicated to stealing cryptocurrency is “unique.”
“As North Korea is heavily sanctioned, cryptocurrency theft is a matter of national security interest to them,” the expert said.
Sanctioned in 2019 by the United States, the Lazarus group gained notoriety in 2014 when it was accused of hacking into Sony Pictures Entertainment studios in retaliation for the satirical film on North Korea “The Killing Interview!” “.
Hackers linked to North Korea had stolen around $400 million in cryptocurrencies through cyberattacks in 2021, data analytics platform Chainalysis claimed in January.