DPRK-linked hackers are responsible for a $620 million theft, according to the FBI.
The FBI has pinned a massive cryptocurrency heist targeting players of the game Axie Infinity on North Korea, announcing on Thursday that hackers tied to the country, including the Lazarus Group, were responsible.
“Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29,” the agency declared in a statement released on Thursday. It did not explain how it had arrived at that conclusion.
The thieves stole $620 million in Axie Infinity crypto, a token based on the Ethereum blockchain and earned through playing the online game also called Axie Infinity. They were able to steal the funds through Axie Infinity’s Ronin Network, which lets users transfer their crypto in and out of the game.
According to Ronin Network, the hackers used private keys to create phony withdrawals. A similar mode of attack was used against blockchain platform Poly Network last year, when a hacker made off with $600 million in tokens. However, the perpetrator soon returned the money and was subsequently offered a job by the platform as a security adviser.
The US Treasury Department has sanctioned a cryptocurrency wallet linked to the Axie Infinity hack, adding the wallet to its list of Lazarus Group-related sanctions. The hacking group is believed to be responsible for the Sony Pictures hack in 2014 and the WannaCry ransomware attack in 2017.
The Pentagon claimed in a 2020 report that North Korea’s cyber warfare corps includes 6,000 hackers who operate out of Belarus, China, India, Malaysia, and Russia. Pyongyang has denied the current allegations as well as previous accusations of hacking.