North Korea is responsible for the $540 million (€500 million) “cyber robbery” that targeted the cryptocurrency network Ronin in late March, the FBI said Thursday (April 14). This network underpins Axie Infinity, a video game with millions of players in which it is possible to earn money.
“Through our investigation, we were able to confirm that the Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft (…) reported on March 29,” the FBI said in a short press release, which does not provide any tangible evidence to support that statement.
Axie Infinity is a game based on blockchain, a decentralized digital ledger that cannot be altered. It allows players to earn money in the form of NFTs, digital tokens. Created in 2018 by Vietnam-based company Sky Mavis, the game is very popular in some countries, particularly the Philippines, which accounts for 35% of traffic and most of the 2.5 million daily active players. Sky Mavis said it wished to “thank the police who assisted us in this investigation” and claimed to have begun putting additional security measures in place.
The hackers managed to exploit flaws in the system used to convert the game’s in-game currency into traditional cryptocurrency, and so carried out large fraudulent transactions totalling 173,600 ether (ETH) and more than 25 million USD Coin (a cryptocurrency whose price is pegged to the US dollar). The company used a so-called “sidechain” to Ethereum, which lets it run its own internal transaction system without going through Ethereum for each transaction. The system was therefore faster and cheaper, but less secure.
North Korea, specialist in cryptocurrency theft
This theft is one of the largest “cyberheists” in history, and it would not be surprising for it to have been orchestrated by North Korea. Hit for years by heavy sanctions that severely limit its participation in the global economy and financial system, the hermit country uses its state hackers to finance its regime.
Pyongyang is thus believed to have several hundred or several thousand hackers, depending on the estimate, based in North Korea but also in other Asian countries, particularly China, where Internet access is much less restricted.
Lazarus, the name given by the cybersecurity industry to the loose cluster of hacking groups working for North Korea, has been repeatedly sanctioned and prosecuted by the United States. These hackers are accused of carrying out a myriad of attacks against South Korea since the mid-2000s, but their first major international coup was the hacking of the Sony Pictures studios, in retaliation for The Interview, a satirical film about North Korea. According to many experts and the US justice system, Lazarus hackers are also responsible for the malicious software WannaCry, a ransomware that spread to hundreds of thousands of computers around the world in 2017.
In recent years, North Korean hackers have focused on cryptocurrencies. In early 2021, the US justice system indicted three members of the Reconnaissance General Bureau, one of the North Korean military intelligence entities, accusing them of stealing tens of millions of dollars in cryptocurrencies.
Even for these specialized hackers, the amount stolen from the Ronin Network is extremely high. The more than $500 million said to have been taken here by the North Korean hackers is in fact more than everything they stole in the whole of 2021, namely $400 million, according to Chainalysis, a company that tracks cryptocurrency flows.
The hackers behind the theft will now face one of the biggest challenges for cryptocurrency thieves: laundering their loot. That is a tall order now that investigators claim to have identified them. The address determined by US authorities as belonging to the hackers still held the equivalent of over $445 million (€411 million) in ether on Friday.