FBI says North Korean Lazarus group was behind huge crypto theft

Ronin network bridge was recently compromised and attacked

The notorious Lazarus group, a known North Korean state-sponsored threat actor, seems to have been behind the recent major Ronin network breach, the FBI has said.

Ronin network, a cryptocurrency bridge developed by the same company behind the hugely popular blockchain-based game, Axie Infinity, was attacked in late March 2022, with the attackers getting away with $625 million in various cryptocurrencies.

Now, according to Vice, the FBI and the US Treasury Department (USDT) have pinned this attack on Lazarus, having updated their file on the attack with a wallet that had received the stolen funds, which they say belongs to the group.

Fixing the bridge

The makers of the Ronin network, on the other hand, said it would take a little more time before they’d be able to bring the product back online.

“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk,” the company wrote in a blog post. “We expect to deliver a full post mortem that will detail security measures put in place and next steps by the end of the month.”

The bridge is expected to resume operations “by the end of the month”.

The wallet flagged by USDT currently holds 148,000 ETH, which is more than $447 million at press time. The wallet’s owners sent 3,302.6 ETH, or approximately $10 million, to another address earlier this week. The wallet’s details can also be found on the blockchain explorer Etherscan, where it’s been labeled as “involved in a hack targeting the Ronin bridge”.

The hack saw 173,600 ether (the native currency of the Ethereum blockchain) and 25.5 million USD Coin stolen, totalling $625 million in value. Some commentators have suggested this may be the largest single heist in crypto history.

Given the blockchain’s transparent nature, the Ronin Network was able to quickly establish that the funds were taken from its endpoints on March 23. However, only after a user reported being unable to withdraw 5,000 ether did the team notice the breach.

An investigation revealed the attacker had used hacked private keys to forge fake withdrawals, the organization explained. It would seem that no viruses were used in the attack.

Via: Vice

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
