The Lazarus Group has been identified as responsible for draining funds from the Stake platform. This has already been confirmed by the US Federal Bureau of Investigation (FBI).
FBI: Lazarus robbed Stake
Stake is a sports betting platform that uses cryptocurrencies. However, Stake’s security systems were recently breached, leading to the loss of over $41 million in assets. Now we know who was behind this successful attack.
In a press release, the FBI said it had conducted an investigation into the hack that revealed the hack was carried out by the Lazarus Group, a hacking group that has been working with North Korea. The agency also provided several cryptocurrency wallet addresses to which the criminals sent the stolen funds.
Private sector entities are encouraged to review the previously published cybersecurity advisory (…) and investigate the blockchain data associated with the aforementioned virtual currency addresses and exercise vigilance to protect themselves from transactions directly conducted with or originating from these addresses.
– added in the announcement.
The attack occurred on September 4. Hackers stole millions of dollars in cryptocurrencies. Web3 cybersecurity firm Cyvers was the first to detect “multiple suspicious transactions” coming from Stake.
In turn, user X (former Twitter) ZachXBT later noted that the hackers were stealing in installments, so to speak. First, they withdrew $16 million in ETH and stablecoins, then stole another $25.6 million in other digital assets.
Cybersecurity firm Boesin estimated the total amount of stolen funds at $41.35 million.
Stake later confirmed everything, stating that unauthorized transactions had occurred on its Ethereum and BSC hot wallets, while assuring users that their funds were safe. A few hours after the hack, the company announced that deposits and withdrawals were working again on the platform for all cryptocurrencies.
Lazarus Group Continues to Steal
The Lazarus Group has been behind the largest hacks in cryptocurrency history. According to the FBI, North Korean hackers are responsible for stealing $200 million worth of digital currencies this year, among other things. Their victims were supposed to be Estonian cryptocurrency payment platform CoinPaid. At that time, it was $37.3 million that was seized as a result of the hack. The company admitted that it had been under the hackers’ microscope for six months before the attack.
In August, the FBI issued a warning that the Lazarus group may decide to sell 1,580 BTC (worth almost $41 million) stored in six different addresses on the bitcoin network.