Game Changer: North Korean Cybercrime Outfit Lazarus Group Suspected of Stealing $620 Million in Crypto
The cyberattack targeted users of the popular Axie Infinity game. The Lazarus Group rose to prominence in 2014 after being accused of hacking into Sony Pictures Entertainment.

American authorities claimed on April 14 that hackers linked to North Korea were behind a $620 million cryptocurrency robbery, which took place last month, targeting users of the popular Axie Infinity game.

The cyberattack was one of the most significant in the crypto world, raising serious concerns about security in an industry that has only lately gained popular attention because of celebrity endorsements and promises of enormous riches.

The theft last month from the creators of Axie Infinity, a game in which players can earn cryptocurrency through gameplay or trading their avatars, came just weeks after thieves stole around $320 million in a similar attack.

In a statement, the FBI said: “Through our investigation, we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29.”

“The FBI, in coordination with Treasury and other U.S. government partners, will continue to expose and combat the DPRK’s use of illicit activities – including cybercrime and cryptocurrency theft – to generate revenue for the regime,” the federal agency further added.

Lazarus Group

This group is affiliated with the Reconnaissance General Bureau, which is a North Korean intelligence agency.

The Lazarus Group has been active since at least 2009, and it was reportedly responsible for the November 2014 destructive wiper attack on Sony Pictures Entertainment as part of a campaign that Novetta named Operation Blockbuster.

In the case of the Sony cyber incident, the hackers stole massive amounts of data from the network. They leaked the information to journalists, who wrote articles about humiliating things Sony employees said to one another. This attack was believed to be carried out as revenge for a satirical movie called The Interview in which the supreme leader Kim Jong-un was mocked.

According to previous reports, Operation Flame, Operation 1Mission, Operation Troy, DarkSeoul, and Ten Days of Rain have all been linked to malware employed by the Lazarus Group.

Last year, a report revealed that hackers from North Korea planned a $1 billion attack on Bangladesh’s central bank and were almost fully successful. The cybertheft that became known as the Bangladesh Bank robbery demonstrated how hackers exploited administrative flaws in the global banking system to carry out a well-planned attack that resulted in the transfer of millions of dollars.

The report also highlighted how the hackers were able to gain access to the printer in the secure room of Bangladesh Bank more than a year before the actual hack. Later, it was found that the Lazarus Group had been lurking inside Bangladesh Bank’s computer systems for a year.

Decoding The Hack

Despite the fact that the country is known as one of the world’s poorest, over the years North Korea has been making headlines for being responsible for cyberattacks.

Its campaign has grown into a 6,000-strong cyber warfare force known as Bureau 121 that operates in numerous countries including Belarus, China, India, Malaysia, and Russia.

It is worth noting that in the US, the Treasury Department has a special page dedicated to the Lazarus Group, which lists its many aliases and links it to North Korea. This week the page was updated to include an Ethereum address that is specifically linked to the group.

The Treasury’s Office of Foreign Assets Control (OFAC) has not made a specific statement about the exploit or the Lazarus Group, but Chainalysis, a blockchain surveillance firm, has linked that address to the heist. Currently, the address has $441 million in ether on its own.

It is worth noting that in the case of the Axie Infinity heist, attackers took advantage of flaws in the setup put in place by Sky Mavis, the Vietnam-based company behind the game.

The Ethereum blockchain, which records transactions in the ether cryptocurrency, is relatively slow and costly to use, so the company had a problem to solve.

To solve it, the company developed an in-game currency as well as a sidechain with a bridge to the main Ethereum blockchain. The result was faster and less expensive, but it was also less secure.

The attack on its blockchain resulted in the theft of 173,600 ether and $25.5 million in stablecoin, a digital asset pegged to the US dollar.
