As per a recent announcement, the FBI has stated that the Lazarus Group was behind the $41M exploit of Stake. The announcement continued to state that the notorious group has managed to steal more than $200 million worth of crypto tokens throughout 2023 so far. Stake is a crypto-gambling platform that offers casino games and sports betting services to its users. The platform ended up being a victim of a cyber-attack that drained more than $41 million worth of crypto tokens from its hot wallets.
However, the Stake team clarified that the hacker managed to obtain only a small percentage of the amount, and reassured its users that their funds were completely safe. The FBI announced that they carried out an investigation shortly after the exploit and found out that the attack was carried out by the infamous Lazarus group. The group is a renowned cybercrime organization believed to be closely associated with the DPKR, most commonly known as North Korea.
As the North Korean group has diligently tried to cover up its tracks, the group’s on-chain activity has severely impacted the bitcoin-mixing protocol, Tornado Cash. Similarly, the group has been involved in several crypto exploits and has established itself as a thorn in the side of many crypto projects over the years.
The FBI Flags Wallets Following the Stake Exploit
After the conclusion of the investigation, the FBI listed the addresses where the stolen funds are currently being held. These wallets exist on the Bitcoin, Polygon, Ethereum, and BNB Smart Chain networks. The FBI recommended various crypto protocols and businesses to review the addresses involved in the Stake exploit. At the same time, it was also suggested that transactions with these blacklisted wallets should be avoided.
The digital fingerprints left by the Lazarus group following the Stake hack have also set the stage for the agency to blame the group for the most recent exploits of Alphapo, CoinsPaid, and Atomic Wallet. Alphapo is a payment processor that faced suspicious withdrawals of over $65 million back in July this year. Similarly, CoinsPaid lost more than $37 million through social engineering during the same month. Finally, Atomic Wallet was subject to a loss of almost $100 million in June as a result of an unknown exploit.
