The FBI on Thursday accused hackers associated with Pyongyang of stealing more than $600 million in cryptocurrency from a video gaming company last month, a recent heist linked to North Korea.
The FBI said in a statement that it was able to confirm that the Lazarus Group and APT38, two cyber actors associated with the Democratic People’s Republic of Korea, committed the theft of $620 million in Ethereum reported on March 29th.
The FBI statement refers to an attack on a computer network used by the video game Axie Infinity, where players could earn cryptocurrency. Axie Infinity’s creator, Sky Mavis, announced on March 29 that hackers had stolen the equivalent of roughly $600 million, valued at the time of the discovery, on March 23 from a “bridge,” which allows users to send crypto from one blockchain to another.
- A broad group of hackers suspected of working for North Korea has been sanctioned by the US Treasury Department. The Axie Infinity hacker used a “wallet,” or cryptocurrency address, sanctioned by the Treasury to withdraw funds from the hack.
- As North Korea’s leader, Kim Jong Un, has continued to pursue nuclear weapons for years, cyberattacks have become an important source of revenue for the regime, according to a United Nations panel and outside cybersecurity experts.
- North Korea fired a ballistic missile last month believed to be its first in four years.
- According to Chainalysis, a firm that tracks digital currency transactions, Lazarus Group has stolen about $1.75 billion worth of cryptocurrency in recent years.
According to Ari Redbord, head of legal affairs at TRM Labs, a firm that investigates financial crime, “a hack of a cryptocurrency business is like bank robbery at the speed of the internet. As long as they’re profitable and successful, they won’t stop.”
Due to the war in Ukraine, many analysts have been focusing their attention on Russian hacking. However, suspected hackers from North Korea have been quite active.
Researchers at Google revealed last month that North Korea has conducted two separate hacking campaigns targeting United States media, information technology and cryptocurrency companies. Google notifies users whose accounts have been infiltrated by state-sponsored hackers.