The Federal Bureau of Investigation (FBI) has identified the Lazarus Group, a hacker collective linked to North Korea, as the perpetrator behind the recent cyberattack on the crypto casino and betting platform Stake. According to the FBI, Lazarus Group stole $41 million in cryptocurrencies from Stake.com. The FBI’s statement, released on a Wednesday, serves as a cautionary alert to the public about the ongoing threat posed by state-sponsored hackers, particularly those originating from North Korea, to the entire cryptocurrency industry.
Lazarus Group, also known as APT38, has a notorious history of orchestrating cyberattacks that have stolen hundreds of millions of dollars in cryptocurrency. Their targets have ranged from companies and exchanges to decentralised finance (DeFi) protocols and blockchain bridges. This extensive operation has drawn attention not only from U.S. authorities but also from the United Nations, which asserts that the funds stolen by Lazarus Group contribute to North Korea’s nuclear weapons program.
In the case of Stake.com, the hack conducted by the sophisticated Lazarus Group appeared to involve the compromise of a private key to a hot wallet rather than the exploitation of a vulnerability within a smart contract. The hackers have spread their ill-gotten gains across multiple blockchain networks, including Ethereum, Binance Smart Chain (BSC), Polygon, and Bitcoin.
Lazarus Group had already been under suspicion regarding this latest crypto loss. Earlier in the summer, GitHub warned about North Korean hackers engaging in low-level social engineering campaigns targeting employees of crypto, blockchain, and gambling-related companies.