Hack Pinned by FBI on North Korea’s Lazarus Group

Posted on: September 8, 2023, 02:33h. 

Last updated on: September 8, 2023, 11:11h.

The FBI thinks it has figured out who was behind the recent $40-million hack of online gambling platform To the surprise of no one, it has pointed the finger at one of the longest-running state-led cyberterrorist groups in the world, North Korea’s Lazarus Group.

Students at the Mangyongdae Revolutionary School in Pyongyang, North Korea, work on computers. Some may become hackers with the state-led Lazarus Group. (Image: Associated Press)

On September 6, the FBI released a statement revealing its findings following an extensive investigation. The probe focused on identifying the individuals behind the attack, which led them to the infamous group.

This cybercriminal organization has gained notoriety due to its suspected connections to the Democratic People’s Republic of Korea (DPRK), more commonly known as North Korea. The attack is just one in a long string of cybercrimes designed to give the regime of Kim Jong Un, that country’s leader, money any way it can get it.

Lazarus Up to Its Old Tricks

The FBI released a comprehensive list of locations where the stolen money wound up. These include the Bitcoin, Ethereum, Binance Smart Chain, and Polygon networks. In an effort to combat the situation, it has called upon all blockchain monitors and cryptocurrency exchanges to closely watch the addresses associated with the hack and refrain from any transactions involving them.

The FBI also recommends that companies review the cybersecurity advisory issued on TraderTraitor, a complex malware program that’s in the wild, and thoroughly investigate the blockchain records associated with the mentioned cryptocurrency addresses used in the attack. These entities need to remain cautious and avoid any direct transactions that may originate from such addresses.

One of the primary advantages of cryptocurrency is that there is no centralized control for most blockchains. This means no individual or controlling group manages all transactions. However, monitoring agents, miners, and others can follow the activity and help exchanges prevent money from moving from one wallet to another or from being withdrawn. founder and CEO Ed Craven never seemed overly concerned about the hack. After the news broke, he said on social media that users’ funds were safe and that the theft only affected a “small portion” of the company’s reserves.

North Korea Loves to Hack

The FBI also puts Lazarus as the group behind the cyberattacks on Alphapo, Coinspaid, and Atomic Wallet. It added that these malicious attacks resulted in $200 million vanishing into Lazarus’s pockets so far this year.

Alphapo suffered a massive withdrawal of more than $65 million on July 23. Similarly, Coinspaid, a fellow payment processor, fell victim to social engineering tactics in late July, leading to a loss of more than $37 million. $100 million left the pockets of Atomic Wallet users in June, an incident catalyzed by a mysterious security breach.

This past April, the Ronin Network, an Ethereum sidechain linked to the crypto-based game Axie Infinity, suffered an attack and lost $622 million. An investigation by the U.S. Treasury placed the blame on the Lazarus Group.

Latin America is a popular target for hackers. The region suffers five banking Trojan attacks per minute, according to Kaspersky Labs, and cryptocurrencies are in an arms race against AI-powered scams. Behind them are North Korean hackers who have allegedly stolen $2 billion in cryptocurrencies since 2018.