A group of hackers linked to North Korea is responsible for the theft of $620 million in cryptocurrency that followed the hack of the Axie Infinity video game in late March, US authorities said Thursday (April 14th). “Through our investigation, we were able to confirm that the Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft of $620 million in ethereum reported on March 29”the FBI said in a statement.
The Ronin network, used for the online game Axie Infinity, had been the victim of one of the biggest computer attacks involving cryptocurrencies. Axie Infinity is a blockchain-based game, a decentralized digital ledger that cannot be changed. It allows you to earn money in the form of NFTs, digital tokens. Created in 2018 by Sky Mavis, a firm based in Vietnam, the game has exploded in developing countries. Around 35% of traffic and the majority of the 2.5 million daily active players are based in the Philippines.
The cyberattack on Axie Infinity saw hackers exploiting weaknesses in the structure put in place by Sky Mavis. The firm thus used a so-called “lateral” blockchain to ethereum, which allows it to manage its own system of internal transactions, without resorting to ethereum for each of them. The system was thus faster and cheaper, but less secure. It is this side system that has been hacked, allowing hackers to appropriate the amounts raised by players.
According to a 2020 U.S. military report, North Korea’s cyber warfare unit, “Office 121,” has 6,000 members who also operate from overseas, including Belarus, China, India, from Malaysia or Russia. Sanctioned in 2019 by the United States, the Lazarus group had gained notoriety in 2014 when it was accused of having hacked Sony Pictures Entertainment studios in retaliation for the satirical film on North Korea “The Interview that kills!” Hackers linked to North Korea stole around $400 million in cryptocurrencies through cyberattacks in 2021, data analytics platform Chainalysis claimed in January.