Open Now
Open Now
Watch now

North Korean hackers allegedly stole more than $600 million in crypto in a single attack, according to the FBI

The FBI blamed North Korean government hackers on Thursday for stealing more than $600 million in bitcoin from a video game company last month, the latest in a succession of daring cyber heists linked to Pyongyang.

The FBI claimed in a statement that "through our investigation, we were able to identify Lazarus Group and APT38, cyber criminals linked with the DPRK, are responsible for the loss of $620 million in Ethereum reported on March 29th." North Korea's official name, the Democratic People's Republic of Korea, is abbreviated as "DPRK," and Ethereum is a technical platform connected with a type of cryptocurrency.

The FBI was referring to the recent hack of Axie Infinity's computer network, which allows gamers to earn cryptocurrency. Unidentified hackers stole the equivalent of about $600 million — estimated at the time of the hack's detection — on March 23 from a "bridge," or network that allows users to transmit cryptocurrency from one blockchain to another, according to Sky Mavis, the business that produced Axie Infinity.

The US Treasury Department sanctioned Lazarus Group, a large group of hackers suspected of working for the North Korean government, on Thursday. The precise "wallet," or bitcoin address, that was utilized to cash out on the Axie Infinity hack was sanctioned by the Treasury Department.

According to a United Nations panel and independent cybersecurity experts, cyberattacks have been a major source of cash for the North Korean state for years as its leader, Kim Jong Un, pursued nuclear weapons.

North Korea is reported to have launched its first intercontinental ballistic missile in more than four years last month.

According to Chainalysis, a company that records digital currency transactions, the Lazarus Group has stolen an estimated $1.75 billion in cryptocurrencies in recent years.

"Unlike a shop, for example, a hack of a cryptocurrency business is effectively bank theft at the speed of the internet, funding North Korea's destabilizing behavior and weapons proliferation," said Ari Redbord, head of legal affairs at TRM Labs, a financial crime investigation agency. "They will not stop as long as they are successful and profitable."

While much of the focus of cybersecurity specialists has been on Russian hacking in the wake of the Ukraine conflict, alleged North Korean hackers have been far from silent.

Last month, Google researchers revealed two separate suspected North Korean cyber attempts aimed at US media and IT businesses, as well as the bitcoin and financial technology industries.
Users who are targeted by state-sponsored hackers are notified by Google.

If a Google user has "any link to being active in Bitcoin or cryptocurrencies" and receives a warning from Google about state-backed hacking, it nearly invariably turns out to be North Korean activity, according to Shane Huntley, who leads Google's Threat Analysis Group.

Huntley told CNN, "It appears to be an ongoing strategy for them to augment and gain money through this activity."

=====

Related Video:

** Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of USA GAG nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.

Follow us on Google News