DeFi

DeFi protocol Alex Labs suspects Lazarus Group involvement in $4 million hack

Published

7 months ago

on

Alex Labs, a layer 2 developer for Bitcoin, was mined for $4 million in May 2024. The team now believes the attack was orchestrated by the infamous North Korean group Lazarus.

Are you looking for signals and alerts from professional traders? Sign up for FREE to Invezz Signals™. Takes 2 minutes.

According to details shared In a June 25 post, Alex Labs disclosed three wallet addresses used in the May 16 exploit.

Lazarus Group Linked to Exploit

Copy link to section

The team revealed that they collaborated with on-chain investigator ZachXBT. The investigation uncovered evidence linking the attack to the Lazarus group.

An address identified as ‘0x418e…0c4e’ was directly linked to the exploit. Funds from this address were sent to another address “0x63…BeA3”.

The second address then transferred the funds to a Tron wallet, previously associated with the Lazarus Group.

Alex Lab’s BNB Smart Chain bridge was compromised in the attack. The attackers managed to drain $4.3 million in funds.

Additionally, $13.7 million worth of Stacks (STX) tokens were also siphoned off. However, these funds were routed through centralized cryptocurrency exchanges.

On June 20, Alex Labs revealed that the exploiter had broadcast over 11,800 STX transactions. Several protocols and challenge bridges were used in the process. Some notable names include Arkadiko, Bitflow and Allbridge.

Part of the funds recovered

Copy link to section

In subsequent updates on June 25, defi protocol revealed that it was in contact with the Singapore Police Force and affected cryptocurrency exchanges.

As part of this collaboration, part of the STX was frozen. According to an earlier update, this included more than $3.9 million in funds.

Defi Protocol has also committed to implementing additional security protocols to avoid similar incidents in the future.

Alex Labs concluded:

Regular updates will be provided as our investigation progresses and recovery efforts continue.

According to Alex Labs, the exploit resulted from hackers gaining access to internal private keys. The team confirmed that the protocol’s smart contracts were not compromised.

At the time, a 10% bonus was offered to the attacker for returning 90% of the stolen funds. The team also pledged to end the legal investigation if the funds were returned.

However, the attacker did not react.

Previously, the Lazarus Group was linked to several attacks in the cryptocurrency sector.

The group was responsible for stealing around $170 million from crypto exchange Huobi in November 2023. They were also allegedly behind the infamous Ronin Bridge attack.

Reports suggest that criminal actors were responsible for the loss of over $300 million in crypto funds in 2023 alone.

A United Nations panel is currently investigating 58 cyberattacks allegedly carried out by the group.

Announcement

Want easy-to-follow crypto, forex, and stock trading signals? Simplify trading by copying our team of professional traders. Consistent results. Register today at Invezz Signals™.

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version