FBI identifies Lazarus Group as responsible for Stake.com attack
Stake.com paused operations on 4 September after unauthorised transfers were made from a number of its hot wallets.
The incident impacted Ethereum, Polygon and the Binance Smart Chain (BSC) on Stake.com. All other wallets were unaffected, Stake.com said, and operations returned to normal five hours after the issue was flagged.
Reports at the time suggested the operator was exploited for $41.3m (£33.1m/€38.6m). This figure has now been confirmed by the FBI, with the Bureau blaming Lazarus Group for the theft.
Also known as APT38, Lazarus Group is affiliated with the Democratic People’s Republic of Korea (DPRK).
According to the FBI, cyber actors moved the stolen funds from Stake.com into a number of virtual currency addresses.
FBI highlights Lazarus involvement in other attacks
The FBI added that the same group has been responsible for other high-profile international virtual currency heists. So far this year, the group is believed to have stolen more than $200.0m, including virtual currency.
“The FBI will continue to expose and combat the DPRK’s use of illicit activities to generate revenue for the regime,” the FBI said. “This includes cybercrime and virtual currency theft.”
The FBI is encouraging anyone with information on the matter to contact the Bureau.
Launched in 2017, Stake.com has more than 500,000 users registered around the world. Its network stretches across countries including Canada, Brazil, Japan and the UK.