FBI Calls Lazarus Group from North Korea Mastermind of the IDR 629 Billion Burglary on Crypto Gambling Sites

Illustration of a hacker at work. (photo: twitter @fbi)

JAKARTA -The Federal Bureau of Investigation (FBI) announced on September 7 that a USD 41 million (IDR 629 billion) breach against the crypto gambling site Stake was carried out by North Korea's Lazarus Group. In the announcement, it was stated that this group had stolen more than 200 million US dollars (IDR 3 billion) in crypto in 2023.

Stake is a crypto gambling platform that offers casino games and sports betting. On September 4, the site fell victim to a cyberattack that drained more than  41 million US dollars in crypto from its hot wallets. The Stake team stated that hackers only managed to obtain a small percentage of existing funds and that users would not be affected.

According to an FBI statement on September 7, the agency has conducted an investigation and concluded that the attack was carried out by the Lazarus Group, a well-known cybercrime organization with suspected links to the Democratic People's Republic of Korea (DRC). The DRC is also known as "North Korea."

The FBI lists the addresses where the stolen funds are now located, which are on the Bitcoin, Ethereum, BNB Smart Chain, and Polygon networks. The FBI is recommending to all crypto protocols and businesses to check the addresses used in this breach and avoid transacting with them.

"Private sector entities are encouraged to review the previously released Cybersecurity Guidance regarding TraderTraitor and examine the blockchain data associated with the above-mentioned virtual currency addresses and remain vigilant in protecting themselves against direct transactions with or originating from such addresses," the FBI said.

The agency also blamed Lazarus for the Alphapo, CoinsPaid, and Atomic Wallet breaches, stating that the losses from all these breaches amounted to more than  200 million US dollars that had been stolen by this group in 2023.

Alphapo is a payment processing company that experienced a suspicious withdrawal of more than 65 million US dollars (IDR 997.2 billion) on July 23. CoinsPaid, another payments company, lost more than  37 million US dollars (Rp. 567.6 billion) through social engineering techniques in late July. Atomic Wallet users also lost 100 million US dollars (IDR 1.53 trillion) in June through an as-yet-unknown exploit.