FBI accuses North Korea-linked hackers of stealing $600 million in cryptocurrencies

“The Lazarus Group and APT38 are responsible for the theft of $620 million in ethereum reported on March 29,” the FBI said in a statement on Thursday.

A group of hackers linked to North Korea is responsible for the theft of $620 million in cryptocurrency that followed the hack of the Axie Infinity video game in late March, US authorities said on Thursday.

“Through our investigation, we were able to confirm that the Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft of $620 million in ethereum reported on March 29,” the FBI said in a statement. a statement.

The Ronin network, used for the online game Axie Infinity, had been the victim of one of the biggest computer attacks involving cryptocurrencies. Axie Infinity is a blockchain-based game, a decentralized digital ledger that cannot be changed. It allows you to earn money in the form of NFTs, digital tokens.

A system was thus faster and cheaper, but less secure

Created in 2018 by Sky Mavis, a firm based in Vietnam, the game has exploded in developing countries. Around 35% of traffic and the majority of the 2.5 million daily active players are based in the Philippines.

The cyberattack on Axie Infinity saw hackers exploiting weaknesses in the structure put in place by Sky Mavis. The firm thus used a so-called “lateral” blockchain to ethereum, which allows it to manage its own system of internal transactions, without resorting to ethereum for each of them. The system was thus faster and cheaper, but less secure.

It is this side system that has been hacked, allowing hackers to appropriate the amounts raised by players.

According to a 2020 U.S. military report, North Korea’s cyber warfare unit, “Office 121,” has 6,000 members who also operate from overseas, including Belarus, China, India, from Malaysia or Russia.

John Bambenek, a threat hunter at Netenrich, a computer security firm, says the fact that North Korea has groups dedicated to stealing cryptocurrency is “unique”.

“As North Korea is heavily sanctioned, cryptocurrency theft is a matter of national security concern to them,” the expert said.

Hackers linked to North Korea stole around $400 million in cryptocurrencies through cyberattacks in 2021, data analytics platform Chainalysis claimed in January.

Leave a Comment