In recent developments, the Federal Bureau of Investigation (FBI) attributed the $41 million cyber theft from crypto gambling platform Stake to the activities of the North Korean-based Lazarus Group. The announcement on Sept. 7 also disclosed that the notorious group is responsible for stealing more than $200 million in crypto assets throughout 2023.
Stake’s Security Compromise
Established as a platform for casino enthusiasts and sports bettors, Stake faced a significant cyber breach on Sept. 4, extracting cryptocurrencies worth over $41 million from its hot wallets. Addressing the issue, Stake’s representatives clarified that the cyber culprits had only acquired a minor share of the platform’s funds, reassuring users balances remain unaffected.
FBI’s Investigations and Recommendations
On Sept. 7, following a thorough probe, the FBI identified and declared the Lazarus Group as the main culprit behind Stake’s security infringement. This infamous cybercriminal faction is purportedly linked to the Democratic People’s Republic of Korea, widely recognized as North Korea.
Highlighting the seriousness of the situation, the FBI released details of the cryptocurrency addresses where the stolen assets are currently housed. These addresses are spread across several networks, including Bitcoin, Ethereum, BNB Smart Chain, and Polygon. The FBI’s directive to the crypto community is clear:
Private sector entities are encouraged to review the previously released Cyber Security Advisory on TraderTraitor and examine the blockchain data associated with the above-referenced virtual currency addresses and be vigilant in guarding against transactions directly with, or derived from, those addresses.
FBI.gov said.
Furthermore, the FBI cited the Lazarus Group as the malefactors behind the cyber-attacks on Alphapo, CoinsPaid, and Atomic Wallet. In a breakdown, Alphapo, a payments processing platform, encountered suspicious withdrawals exceeding $65 million on July 23. CoinsPaid endured a loss of $37 million following a social engineering attack in the latter part of July. Lastly, Atomic Wallet users experienced a massive $100 million loss in June due to an unidentified vulnerability. These cybercrimes orchestrated by the Lazarus Group have resulted in losses surpassing $200 million for the year 2023.
