FBI Confirms Lazarus as Culprit behind Cyber Attack on Stake
The Federal Bureau of Investigation (FBI) has attributed Stake’s hack and subsequent $41 million loss to North Korea-backed hacker group Lazarus.
In its official press release, the FBI confirmed that the theft occurred around September 4, 2023, and that the Lazarus Group, also known as APT38, comprising cyber actors from North Korea, was responsible for the malicious hack of Stake.
Furthermore, federal investigators identified 33 wallets, consisting of 22 Bitcoin (BTC) addresses, associated with the Stake hack. These addresses either received funds directly from Stake's hot wallets or were used to funnel illicit gains through different networks.
According to security firms Arkham and CertiK, the hacker transferred funds to Avalanche and subsequently to Bitcoin's blockchain.
Lazarus Group Strikes Again
Lazarus Group made up of hackers and cyber criminals, is allegedly funded by the North Korean government. The group has gained notoriety over the years for its series of high-profile cyber attacks on crypto platforms and digital asset service providers, collectively amounting to nearly $2 billion in losses. The group was added to US sanctions list in 2019.
According to the FBI, since the year started, Lazarus Group has stolen more than $200 million in crypto. Since the blockchain is traceable, federal authorities were able to identify the addresses to which the funds were transferred. The FBI advises individuals to exercise caution and vigilance when engaging in transactions directly with or originating from those specific addresses.
Commenting on the hack, Stake.com co-founder Edward Craven stated that the attack was a “sophisticated breach” that targeted a service the casino relies on for authorizing cryptocurrency transactions. However, despite the substantial amount stolen by the government hackers, Craven affirmed that Stake.com would continue its operations.