The FBI has claimed hackers affiliated with the North Korean government are behind a colossal $810 million crypto heist.
Axie Infinity, an online game that allows players to earn digital coins, last month revealed hackers stole almost a billion dollars worth of Ethereum.
The hack is considered to be among the largest heists in the short history of cryptocurrency.
Often referred to as a superior alternative to Bitcoin, Ethereum has built itself up to become the world’s second-most popular crypto asset ahead of Ripple (XRP).
“Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of US$620 million (AU$810 million) in Ethereum reported on March 29th,” the FBI said in a statement.
The US Treasury Department has since sanctioned the crypto wallet linked to Lazarus Group, claiming the organisation harbours hackers working on orders from the North Korean government.
Head of legal affairs at TRM Labs Ari Redbord, who investigates a wide range of financial crimes committed in the US, said the heist was “essentially a bank robbery”.
“A hack of a cryptocurrency business, unlike a retailer, for example, is essentially bank robbery at the speed of the internet and funds North Korea‘s destabilising activity and weapons proliferation,” he said via CNN.
“As long as they are successful and profitable, they will not stop.”
The hacker reportedly used stolen private keys after targeting computers connected to the game’s network that help confirm transactions.
According to Chainalysis, which specifically tracks digital currency transactions, the Lazarus Group has made away with an estimated $2.4 billion worth of crypto in recent years.
“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40 per cent,” a report published in January 2022 read.
“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out.
“Whatever the reason may be, the length of time that (North Korea) is willing to hold on to these funds is illuminating, because it suggests a careful plan, not a desperate and hasty one.”
One user reported losing $10,000 as a result of the hack.
“I don‘t think people fully understand the significance of this hack — $600m is a very big portion of all the assets in this network,” Jack Kenny, 23, said via the BBC.
Economist and author Frances Coppola said the unprecedented hack exposed the fragility of cryptocurrency security tied to online games.
“This is pretty typical of crypto companies,” she said.
“We‘ve seen so many hacks and exploits caused by – to be blunt – frank carelessness and lack of concern for the safety of people’s funds.
“Crypto companies are sometimes so anxious to make ‘loadsamoney’, or simply accommodate high demand, that they put out badly designed and tested code, compromise security, or place too much reliance on infrastructure.”
It came after a US man was jailed for five years for for advising North Korea on cryptocurrency trading and “developing cryptocurrency infrastructure and equipment” inside the hermit kingdom.
Virgil Griffith admitted to presenting at a cryptocurrency conference in the capital of Pyongyang in 2019 after having his request to travel to North Korea denied by the US.
“Griffith is an American citizen who chose to evade the sanctions of his own country to provide services to a hostile foreign power,” prosecutors wrote.
“He did so, knowing that power — North Korea — was guilty of atrocities against its own people and has made threats against the United States citing its nuclear capabilities.”
The US has some of the toughest laws against foreign technology interference, updating sanctions against North Korea in 2018 to prohibit “a US person, wherever located” from exporting US tech to the authoritarian state.
