North Korea-Backed Lazarus Group Behind $40M Stake Hack: FBI
KEY POINTS
- Stake temporarily paused its withdrawals earlier this week
- The platform said the halt may be due to "unauthorized transactions"
- FBI says Lazarus Group has strong links to North Korea
The FBI has identified North Korea-linked hacking group Lazarus as the culprit behind the hack of more than $40 million from the crypto betting platform Stake.
Lazarus Group, the notorious cybercrime organization backed by the Democratic People's Republic of Korea (DPRK), was allegedly responsible for the multimillion-dollar hack on Stake, the agency said in a release this week.
"The FBI has confirmed that this theft took place on or about September 4, 2023, and attributes it to the Lazarus Group (also known as APT38) which is comprised of DPRK cyber actors," the law enforcement agency said in a release.
It warned the public that hackers have already moved the siphoned funds from the crypto betting platform to various wallet addresses on Ethereum, Binance Smart Chain (BSC) and Polygon networks.
"Private sector entities are encouraged to review the previously released Cyber Security Advisory on TraderTraitor and examine the blockchain data associated with the above-referenced virtual currency addresses and be vigilant in guarding against transactions directly with, or derived from, those addresses," it added.
Stake, which is an Ethereum-based crypto-betting platform where users can place wagers on games or sports, paused its withdrawals for four long hours Monday after news broke that over $40 million in funds were drained from its account due to a hack.
The platform at the time did not acknowledge that funds had left its coffers or that a hack had occurred, but rather downplayed the incident as "unauthorized transactions" and claimed "user funds are safe."
"Three hours ago, unauthorized tx's were made from Stake's ETH/BSC hot wallets. We are investigating and will get the wallets up as soon as they're completely re-secured. User funds are safe. BTC, LTC, XRP, EOS, TRX + all other wallets remain fully operational," the platform said on X.
Four hours later, Stake said, "All services have resumed! Deposits and withdrawals are processing instantly for all currencies. We apologize for any inconvenience."
The agency alleged that "these same DPRK actors are also responsible for several other high-profile international virtual currency heists. In 2023 alone, DPRK cyber actors have stolen more than $200 million. This amount includes, but is not limited to, approximately $60 million of virtual currency from Alphapo and CoinsPaid on or about July 22, 2023, and approximately $100 million of virtual currency from Atomic Wallet on or about June 2, 2023."
© Copyright IBTimes 2024. All rights reserved.