At the tail end of March, we reported on a massive hack of exploitative play-to-earn blockchain job/game Axie Infinity. At the time, the hackers had made off with $625M worth of crypto, which was considered a contender for biggest crypto hack of all time. The weird thing was, nobody was entirely sure who’d done it, and the funds were for the most part just sitting in the attackers’ possession and hadn’t yet been shunted through “legitimate” crypto exchanges (which had frozen them out anyway) or the “illegitimate” dark mixers either.
Well, last night, the FBI actually named the culprit, and I guarantee it’s not whoever you were thinking of: North Korea apparently did it. OK, specifically a pair of North Korean crime gangs called Lazarus Group and APT38. It’s also apparently “only” $620M, not $625M as Axie originally said.
“FBI Statement on Attribution of Malicious Cyber Activity Posed by the Democratic People’s Republic of Korea – The FBI continues to combat malicious cyber activity including the threat posed by the Democratic People’s Republic of Korea to the U.S. and our private sector partners. Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29. The FBI, in coordination with Treasury and other U.S. government partners, will continue to expose and combat the DPRK’s use of illicit activities – including cybercrime and cryptocurrency theft – to generate revenue for the regime.”
Gizmodo writes that Lazarus Group has supposedly made off with over a billion bucks in crypto and actual money in total; it’s now apparently trying to shuttle its ill-gotten gains from the Axie hack using Tornado Cash, which is one of those dark-money laundering mixers.
“This is somehow dumber and also less dumb than what I expected,” MOP’s Eliot noted on the news, and we can’t help but agree.