FBI links crypto betting platform’s theft to North Korea

• FBI stated that it would continue to “expose and combat” the North Korean regime’s criminal use of cryptos.
• Big names in the crypto industry expressed concerns on the growing number of incidents

In a stunning disclosure, the Federal Bureau of Investigation (FBI) linked the recent $41 million theft from crypto betting platform Stake.com to the notorious North Korean state-backed Lazarus Group.

In a press release shared on Wednesday, the U.S. domestic intelligence agency said that players from the cybercrime syndicate siphoned off funds from the platform to 33 addresses spread across Bitcoin [BTC], Ethereum [ETH], Polygon [MATIC] and Binance Chain [BNB].

The FBI asked private sector entities to exercise greater vigilance against transactions emanating from the mentioned addresses.

Stakes are high

Headquartered in Curaçao, Stake has become one of the largest cryptocurrency casinos in the world. It allows players to make bets with some of the most popular assets like Bitcoin and Ethereum. Along with crypto gambling options, users can access an extensive sportsbook featuring over 40 sports markets.

Earlier in the week, blockchain security company Beosin reported suspicious outflows of more than $41 million from the crypto casino. Barely an hour later, Stake admitted via social platform X (formerly Twitter) that unauthorized transactions were made from its ETH and BSC hot wallets.

Stake had informed users that their assets were safe, without revealing anything about the cause or scale of the harm. Surprisingly, five hours from the acknowledgement, Stake resumed normal services for the users. Since then, it has failed to provide any concrete updates on the heist.

The attack on Stake was not out of the blue, though. Software development platform GitHub had earlier warned of campaigns by North Korean hackers against accounts connected to the blockchain, cryptocurrency, or online gambling sectors.

Lazarus’ crime records

The FBI reminded the public of the North Korean group’s long litany of crypto crimes. Prior to Stake, Lazarus was involved in a theft of $60 million from crypto payment providers Alphapo and CoinsPaid i.

Before that, Lazarus committed its biggest heist of the year in June, when it drained out cryptos worth $100 million from another wallet provider, Atomic Wallet.

Additionally, the group’s hackers intruded on an American IT company JumpCloud and exploited its capabilities to target cryptocurrency companies, as per a report by Reuters.

Nonetheless, the FBI stated that it would remain vigilant and continue to “expose and combat” the North Korean regime’s criminal use of digital assets.

U.S. recognizes the threat

While there was hardly any official data available about Lazarus Group, the U.S. government identified it as a serious security threat. According to blockchain fraud detection company TRM Labs, North Korea uses the proceeds from the hacks to fund its nuclear program.

However, while the Lazarus Group remained the kingpin, the North Korean hacking industry as a whole posed a significant challenge. A report published last month revealed crypto hacks worth $200 million in 2023 by hackers from the “Hermit Kingdom”.

The growing menace of North Korean-linked crypto hacks was one of the main concerns which led the U.S. Senate to introduce a bill to regulate DeFi. The excerpts from the bill read,

“Criminals, drug traffickers, and hostile state actors such as North Korea have all demonstrated a propensity for using (DeFi) as a preferred method of transferring and laundering ill-gotten gains.”

Furthermore, a joint advisory issued by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the United States Treasury Department was released to highlight thefts and tactics employed by North Korean hackers.

Hackers exploit crypto vulnerabilities

The anonymous nature of cryptocurrencies, in part, has been responsible for attracting the attention of malicious players. With identities of senders and recipients remaining unknown, tracking becomes difficult.

Moreover, if funds are lost from blockchains, there are far lower chances of getting them back as opposed to TradFi.

Influential players in the crypto industry started to pay heed to the growing dangers. Ryan Selkis, founder of popular on-chain analytics firm Messari, labeled North Korean crypto heists as one of the major factors impeding the growth of decentralized finance (DeFi).

DeFi will not recover – ever – if this issue isn’t fixed. pic.twitter.com/G1Jv9cZVok

— Ryan Selkis 🪳 (@twobitidiot) September 8, 2023