The Federal Bureau of Investigation (FBI) has accused two hacking groups believed to be operated by the North Korean government of being responsible for a $620 million cryptocurrency heist.
What Happened: The FBI charges are aimed at two North Korea-based hacker entities, Lazarus Group and APT38, in connection with a March 29 theft from Ronin Network, which supports the blockchain game Axie Infinity. The hackers reportedly vacuumed up 173,600 Ethereum (CRYPTO: ETH) and 25.5 million USDC (CRYPTO: USDC).
“The FBI, in coordination with Treasury and other U.S. government partners, will continue to expose and combat the DPRK’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime,” the FBI said in a statement.
Identifying The Miscreants: Lazarus Group was first identified in 2009 and is also known under multiple names including Group 77, Guardians of Peace and (in a rare display of North Korean mirth) The New Romantic Cyber Army Team. The organization might be best known for its 2004 hack of Sony Group Corp.'s (NYSE:SONY) Sony Pictures when the studio was planning to release the comedy “The Interview” that satirized North Korean dictator Kim Jong-un; the studio canceled the film’s theatrical release following the cyberattack.
APT38 has focused on financial crimes, and since at least 2014 it has attempted to abscond with more than $1.1 billion from financial institutions around the world.
In a blog post, Ronin Network reported the crime occurred when “the attacker used hacked private keys in order to forge fake withdrawals.” The company added the attack was an external breach, noting “all evidence points to this attack being socially engineered, rather than a technical flaw.”
Ronin Network added it was “committed to ensuring that all of the drained funds are recovered or reimbursed, and we are continuing conversations with our stakeholders to determine the best course of action.”