North Korea-linked hacker collective Lazarus Group was behind this month’s hack of crypto casino and betting platform Stake, according to the Federal Bureau of Investigation.
In a statement released Wednesday, the FBI said Lazarus Group stole $41 million in various cryptocurrencies from Stake.com. It warned the public about the continuing threat that state sponsored hackers – from the hermit kingdom in particular – pose to the entire crypto industry.
The Lazarus Group, also known as APT38, has been linked to hundreds of millions of dollars in stolen crypto with attacks on companies, exchanges, DeFi protocols and bridges. It’s a massive operation that U.S. authorities and even the United Nations claim funds North Korea’s nuclear weapons program.
In the case of Stake.com, the sophisticated hack from Lazarus group appeared to involve a private key to a hot wallet being leaked or otherwise stolen – as opposed to a bug in a smart contract. The hackers have funds on the Ethereum, BSC, Polygon and Bitcoin blockchains.
Lazarus group had already been a prime suspect for this latest loss of crypto. Earlier in the summer Github warned of North Korean hackers conducting low-level social engineering campaigns against employees of crypto, blockchain and gambling-related companies.
Federal authorities have already alleged that Lazarus was behind last year’s hack of the Axie Infinity Ronin Bridge, which saw over $600 million worth of crypto lost. Prosecutors have recently brought a case against a developer who built a mixer they claim was used to launder those funds.