North Korea’s Notorious Lazarus Group Suspected of Stealing $620 Million in Crypto

US officials claimed on April 14 that the hackers are linked to North Korea Axi was behind a $620 million cryptocurrency heist that took place last month, targeting users of the Infinity game.

The cyberattack was one of the most significant in the crypto world, raising serious concerns about security in the industry, which has recently gained popular attention due to the promise of celebrity endorsements and huge funding.

The theft last month from the creators of Axi Infinity, a game in which players can earn cryptocurrency through gameplay or trade their avatars, comes just weeks after thieves stole nearly $320 million in a similar attack.

In a statement, the FBI said: “Through our investigation, we were able to confirm the Lazarus Group and APT38, a cyber actor associated with the DPRK, are responsible for the theft of $620 million in Ethereum on March 29.”

The federal agency further said, “The FBI, in coordination with the Treasury and other US government partners, will continue to uncover and combat the DPRK’s use of illegal activities – including cybercrime and cryptocurrency theft – to generate revenue for the regime.” For.”

Lazarus Group

The group is affiliated with the General Bureau of Reconnaissance, a North Korean intelligence agency.

Lazarus Group Active since at least 2009, and it was reportedly responsible for the devastating Viper attack on Sony Pictures Entertainment in November 2014 as part of Novata’s Operation Blockbuster campaign.

In the case of the Sony cyber incident, hackers stole huge amounts of data from the network. They leaked the information to journalists who wrote articles about abusive things Sony employees said to each other. The attack is believed to have been carried out as a revenge for a satirical film called The Interview that mocked Supreme Leader Kim Jong-un.

However, according to previous reports, Operation Flame, Operation 1 Mission, Operation Troy, Darkseol and Ten Days of Rain have all been linked to malware employed by the Lazarus Group.

Last year, a report revealed that North Korean hackers planned a $1 billion attack on Bangladesh’s central bank and were almost entirely successful. The cyber theft, known as the Bangladesh Bank Robbery, demonstrated how hackers took advantage of administrative flaws in the global banking system to carry out a planned attack that resulted in transfers of millions of dollars.

The report also described how the hackers were able to access the printer in the Bangladesh Bank’s secure room and this happened a year before the actual hack. Later, it was found that the Lazarus Group had been lurking inside the computer system of Bangladesh Bank for over a year.

hack decoding

Despite the fact that the country is known as one of the poorest countries in the world, over the years North Korea has been making headlines for being responsible for cyber attacks.

Its operations have evolved into a 6,000-strong cyber warfare force known as Bureau 121 which operates in several countries including Belarus, China, India, Malaysia and Russia.

The Treasury Department in the US has a special page dedicated to the Lazarus Group, which lists its many aliases and links it to North Korea. This week the page was updated to include an Ethereum address specifically linked to the group.

The Treasury Office of Foreign Assets Control (OFAC) did not make any specific statements about the exploit or the Lazarus Group, but blockchain surveillance firm Chainalysis linked that address to the robbery. Currently, the address itself holds $441 million in Ether.

It’s worth noting that in the case of Axi Infinity Robbery, the attackers took advantage of flaws in the setup posed by Sky Mavis, the Vietnam-based company behind the game.

Ethereum The blockchain, which records transactions in the ether cryptocurrency, is relatively slow and expensive to use, so the company had to address a problem.

The company then developed an in-game currency as well as a sidechain with a bridge to the main Ethereum blockchain. As a result, it was faster and less expensive as well as less secure.

The attack on its blockchain resulted in the theft of 173,600 ether and $25.5 million in stablecoin, a digital asset pegged to the US dollar.

read all Breaking News , today’s fresh news And IPL 2022 Live Updates Here.