The notorious Lazarus Group, linked to North Korea, has executed another major cryptocurrency theft, this time targeting the crypto casino Stake and making off with a staggering $41 million in digital assets, as disclosed by the FBI in a statement released on Thursday.
In a chilling revelation, the FBI has confirmed that the Lazarus Group, a North Korean hacking organization infamous for its audacious cybercrimes, is behind the recent heist of $41 million in digital assets from the crypto casino Stake.
The attack, initially described by the Drake-backed gambling firm as “unauthorized transfers,” prompted Stake to swiftly launch an investigation, informing its users of the breach on Monday.
The Lazarus Group’s Heist:
The FBI, sharing the findings of its extensive investigation, has identified numerous digital wallets purportedly containing the stolen funds.
What is particularly concerning is the diversification of cryptocurrencies involved, with the Lazarus Group funneling the ill-gotten gains through Bitcoin, Ethereum, Polygon, and Binance Smart Chain networks, showcasing their adaptability and sophistication.
A Pattern of Attacks:
This latest crypto heist is not an isolated incident. The FBI has linked the Lazarus Group to a string of recent high-profile thefts, including a $100 million heist from Atomic Wallet in June and a $60 million theft from projects Aplhapo and CoinsPaid in July.
These connections emphasize the group’s growing menace in the world of cryptocurrencies.
A History of Digital Pillaging:
Over the past several years, the Lazarus Group has consistently targeted crypto projects, accumulating a formidable track record of thefts.
In a June report, crypto analytics firm Elliptic estimated that the Lazarus Group had pilfered over $2 billion in digital assets across multiple incidents, underlining the scale of their criminal operations.
Notorious Exploits:
One of the most notorious exploits attributed to the Lazarus Group was the $622 million drain on the Ronin Network, an Ethereum sidechain used by the popular play-to-earn crypto game Axie Infinity.
This exploit, which ranks among the largest crypto heists ever, drew the attention of the U.S. Treasury Department in April, further spotlighting the group’s audacity.
Impacting Crypto Privacy
As the Lazarus Group has continued to evade authorities and cover its digital tracks, its on-chain activities have had repercussions for the coin-mixing protocol Tornado Cash.
This privacy-oriented service, deemed by advocates as a crucial tool, faced sanctions from the Treasury Department last year for allegedly facilitating the laundering of $7 billion worth of cryptocurrency.
In July, a federal court upheld these restrictions, prohibiting Tornado Cash’s use in the U.S.
In August, the U.S. Justice Department arrested one of the protocol’s co-founders, Roman Storm, on charges including conspiracy to commit money laundering and operating an unlicensed money-transmitting business.
The Lazarus Group’s relentless pursuit of ill-gotten gains in the cryptocurrency realm continues to pose a significant threat.
The recent $41 million heist at Stake Casino, along with its connections to other major thefts, underscores the need for enhanced cybersecurity measures and international collaboration to combat this cybercriminal menace.
