North Korea is responsible for the $540 million (€500 million) cyber heist that targeted the Ronin cryptocurrency network in late March. the FBI said on Thursday, April 14. This network is the one that relies on axie infinitya video game with millions of players and in which you can earn money.
“Through our investigation, we were able to confirm that Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft. (…) informed on March 29”assured the FBI in a terse statement, which does not provide any tangible evidence to support this statement.
axie infinity is a game based on blockchain, a decentralized digital ledger that cannot be changed. It allows you to earn money in the form of NFTs, digital tokens. Created in 2018 by Sky Mavis, a company based in Vietnam, the game is very popular in some countries, especially in the Philippines, which accounts for 35% of traffic and most of the 2.5 million daily active players. Sky Mavis held in “thank the police who helped us in this investigation” and claimed to have started implementing additional security measures.
The hackers managed to exploit flaws in the system that allowed the electronic money of the game to be converted into traditional cryptocurrency, thus carrying out large fraudulent transactions, for a total amount of 173,600 ethers (ETH) and more than 25 million ‘USD coin (a cryptocurrency whose price is modeled on the US dollar). The firm used the so-called blockchain “side” to ethereum, which allows you to manage your own internal transaction system, without having to resort to ethereum for each of them. Therefore, the system was faster and cheaper, but less secure.
North Korea, a specialist in cryptocurrency theft
This robbery is one of the most important “cyber robberies” in history. And it would not be surprising if it could have been orchestrated by North Korea. Hit for years by heavy sanctions that severely limit its participation in the global economy and finance, the hermit country uses its state hackers to fund its regime.
Pyongyang would have several hundred or several thousand hackers, according to estimates, installed in North Korea, but also in Asian countries, in particular China, where Internet access is much less restricted.
Lazarus, name given by the cybersecurity industry to the nebula that brings together the different groups of computer hackers who work for North Korea, has been sanctioned and sued on several occasions by the United States. These pirates are accused of having carried out a large number of offensives against South Korea since the mid-2000s, but their first major international hit was the hacking of the Sony Pictures studiosin retaliation for satirical film about North Korea The interview that kills!. According to many experts and american justiceLazarus hackers are also responsible for the WannaCry malware, a ransomware that spread to hundreds of thousands of computers around the world in 2017.
In recent years, North Korean hackers have targeted cryptocurrencies. At the beginning of 2021, American justice has charged three members of the General Reconnaissance Officeone of the entities of the North Korean military intelligence services, accusing them of having stolen tens of millions of dollars in cryptocurrencies.
Even for these specialized hackers, the amount stolen from the Ronin network is extremely high. The more than 500 million dollars that the North Korean pirates would have recovered here effectively represent a sum greater than everything they stole during the year 2021, in this case 400 million dollars, according to the company specialized in cryptocurrency flows Chainalysis.
The hackers behind the hijack will now have to deal with one of the biggest challenges cryptocurrency thieves face: laundering their loot. Quite a challenge, now that researchers claim to have identified them. The address that US authorities determined belonged to the hackers still hadOn Friday, the equivalent of more than 445 million dollars (411 million euros) in ether cryptocurrency.