“The FBI continues to combat malicious cyber activity including the threat posed by the Democratic People’s Republic of Korea to the U.S. and our private sector partners. Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29th,” the FBI said in a statement late Thursday.
According to the Ronin Network, the hackers made off with about 173,600 ether and 25.5 million USDC, a stablecoin pegged to the U.S. dollar. Lazarus Group has allegedly been behind the theft of over $1 billion in crypto and cash over the years, becoming a successful source of revenue for North Korea’s heavily sanctioned economy.
The theft, believed to be the largest in crypto history, exploited a vulnerability in the Ronin network, which runs the incredibly popular NFT game Axie Infinity. Somehow, the hack wasn’t noticed by the folks at Ronin until six days later.
Axie Infinity follows a so-called play-to-earn model, in which players must first buy NFTs of cartoon characters, which they can then use to earn crypto by playing games for hours on end. The game is incredibly popular in the Philippines, where it became a stream of income for people during COVID-19 pandemic lockdowns.