- The US claims North Korean hackers’ group Lazarus is behind a cryptocurrency theft worth over $615 million
- The theft happened on the blockchain network of an NFT-trading game
- The theft occurred on March 23 but was discovered only recently
A North Korean hackers group named “Lazarus” has been accused by the US of a massive cryptocurrency theft worth over $615 million (over Rs 4693 crore), believed to be the largest in crypto history. Hackers stole from the Ethereum wallet of a blockchain network called Ronin which is used in Axie Infinity, one of the world’s most popular online games involving cryptocurrencies.
The theft happened on March 23 but was detected only recently. The hackers used stolen private keys, which are passwords needed to access crypto funds, after targeting computers connected to the blockchain network. Ronin said it was working with “various government agencies to ensure the criminals get brought to justice.” The hackers reportedly stole 173,600 Ether, the second most popular crypto coin after Bitcoin, and 25.5 million USDC, a stablecoin pegged to the U.S. dollar.
“Through our investigations, we were able to confirm Lazarus Group and APT38, cyber actors associated with [North Korea], are responsible for the theft,” the FBI said in a statement about the cryptocurrency theft. The Lazarus Group has allegedly been behind the theft of over $1 billion in crypto and cash over the years.
Largest ever cryptocurrency theft: what happened
The game at the heart of the theft, Axie Infinity, is set in a fictional universe where players can collect, trade and play with virtual creatures called Axies. The Axies are traded in the form of non-fungible tokens or NFTs, and sell for hundreds of thousands of dollars. Axie and other “play-to-earn” games allow players to spend crypto and earn financial rewards. Axie Infinity runs on the Ronin blockchain network, from whose wallet the crypto was stolen. The hackers used stolen private keys, which are passwords needed to access crypto funds, after targeting computers connected to the blockchain network.
Most of the stolen funds are reportedly still in a digital wallet, which is available to view on the network. Blockchain Intelligence Group, a Vancouver-based crypto tracker, said that the hackers had moved a small amount of the funds to major exchanges FTX, Crypto.com and Huobi. Huobi said it was investigating the hack and communicating closely with Axie Infinity.
Axie Infinity says it has 2.8 million daily active players, with some $3.6 billion previously traded on its marketplace, making it one of the most popular blockchain-based online games. People can earn crypto by playing games, but there’s often a high barrier to entry. In the case of Axie Infinity, users first have to buy NFTs worth at least $240 to be eligible.
Lazarus Group came into the limelight in 2014 when they were accused of hacking into Sony Pictures and publicly leaking confidential data. Blockchain analysis company Chainalysis said North Korean hackers stole almost $400 million worth of digital assets in at least seven attacks on cryptocurrency platforms in 2021.