Tag Archive for: Crypto
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity’s Ronin Network last month.
On Thursday, the Treasury tied the Ethereum wallet address that received the stolen digital currency to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets Control’s (OFAC) Specially Designated Nationals (SDN) List.
“The FBI, in coordination with Treasury and other U.S. government partners, will continue to expose and combat the DPRK’s use of illicit activities – including cybercrime and cryptocurrency theft – to generate revenue for the regime,” the intelligence and law enforcement agency said in a statement.
The cryptocurrency heist, the second-largest cyber-enabled theft to date, involved the siphoning of 173,600 Ether (ETH) and 25.5 million USD Coins from the Ronin cross-chain bridge, which allows users to transfer their digital assets from one crypto network to another, on March 23, 2022.
“The attacker used hacked private keys in order to forge fake withdrawals,” the Ronin Network explained in its disclosure report a week later after the incident came to light.
By sanctioning the wallet address, the move prohibits U.S. individuals and entities from transacting with it to ensure that the state-sponsored group can’t cash out any further funds. An analysis by Elliptic has found that the actor has already managed to launder 18% of the siphoned digital funds (about $97 million) as of April 14.
“First, the stolen USDC was swapped for ETH through decentralized exchanges (DEXs) to prevent it from being seized,” Elliptic noted. “By converting the tokens at DEXs, the hacker avoided the anti-money laundering (AML) and ‘know your customer’ (KYC) checks performed at centralized exchanges.”
Nearly $80.3 million of the laundered funds have involved the use of Tornado Cash, a mixing service on the Ethereum blockchain designed to obscure the trail of funds, with another $9.7 million worth of ETH likely to be laundered in the same manner.
Lazarus Group, an umbrella name assigned to prolific state-sponsored actors operating on behalf of North Korean strategic…
A blockchain expert explains how North Korea’s $625 million crypto hack presents a new national security threat — and why it marks a shift in the global ‘digital battlefield’
- North Korea’s huge crypto hack marks a new era in cybersecurity threats.
- “If there was ever a doubt that hacks were not tied to national security, that’s been resolved,” a blockchain expert told Insider.
US authorities this week tied North Korean hackers to the historic $625 million Axie Infinity crypto swindle, with the massive hack signifying the emergence of a new type of national security threat, according to a blockchain expert.
On Thursday, the US Treasury Department added an Ethereum wallet address to its sanction list after the wallet facilitated transfers for more than $86 million of the stolen funds.
The hacking outfits Lazarus and APT38, both linked to North Korea, were behind the theft, the FBI said in a statement, and the funds are generating revenue for Kim Jong Un’s regime.
Ari Redbord, head of legal and government affairs at blockchain research firm TRM, says the attack shows that even a nation as isolated as North Korea can participate in new-age cyber-warfare.
“Over the last few years many hacks have been perpetrated by North Korea,” Redbord told Insider. “But the magnitude of this one shows things have moved from small exploits to true national security concerns. It’s staggering — bank robbery at the speed of the internet.”
For years, North Korean actors have been responsible for cyberattacks, including a high-profile hit against Sony in 2014. But groups like Lazarus have grown increasingly sophisticated and ambitious.
Meanwhile, businesses within the nascent crypto sector are still finding their footing when it comes to cybersecurity, which makes them vulnerable to hacking groups which are continuously honing their tactics.
“North Korea realized a hack against an online retailer was one thing, but going after crypto exchanges is a more effective way to fund destabilizing activity at a very low cost to them,” Redbord said.
The country was an early adopter of cryptocurrency money laundering, he added, and there’s no sign it’s bad actors will slow their efforts since it’s proven to be extremely profitable.
What’s more, Redbord noted that social engineering attacks, such as the Axie Infinity infiltration, are becoming more advanced.
These hacks aren’t a…