Cryptocurrency: North Korean hackers stole $600 million from Axie Infinity game, FBI says

This is not the biggest fraud in cryptocurrency; that record is held to date by South Africa's Africrypt and its 4 billion dollars that vanished. But this new cryptocurrency theft is one for the record books. This time, the theft is said to have been carried out by a group of hackers linked to North Korea. Their target was reportedly the hit video game Axie Infinity, at the end of March. The amount stolen: 620 million dollars, the American authorities announced Thursday.

The hackers did not choose this digital token at random. Amid the cryptocurrency boom, the Axie Infinity game lets players become familiar with these new assets, which are bought and sold securely thanks to decentralized blockchain technology. It is also betting on NFTs, the unique collectible tokens of the metaverse's virtual universes. These are all trends expected to take off with the general public in 2022.

“Through our investigation, we were able to confirm that the Lazarus Group and APT38, online actors associated with North Korea, were responsible for the theft of $620 million in ethereum reported on March 29,” the FBI said in a statement.

Building on the Ethereum protocol, Sky Mavis, the Vietnam-based creator of the game Axie Infinity, developed an exchange network called Ronin. The storage of cryptocurrencies in online wallets relies on this network.

A flaw in the network

In the cyberattack, hackers exploited weaknesses in the structure put in place by Sky Mavis. Such flaws are regularly found in the transmission of information between the base protocol and the technological overlay of financial services grafted onto it, as an expert explained to The gallery in the case of the theft from the Swiss company Poly Network, estimated at 600 million dollars.

Here, the firm used a so-called “side” blockchain to Ethereum, which lets it manage its own system of internal transactions without going through Ethereum for each of them. The system was thus faster and cheaper, but less secure.

It is this side system that was hacked, allowing the hackers to seize the amounts raised by players.

Created in 2018, the game has exploded in developing countries. Around 35% of traffic and the majority of the 2.5 million daily active players are based in the Philippines.

A North Korean industry in the face of sanctions

According to a 2020 U.S. military report, North Korea’s cyber warfare unit, “Office 121,” has 6,000 members who also operate from overseas, including from Belarus, China, India, Malaysia or Russia.

John Bambenek, a threat hunter at Netenrich, a computer security firm, says the fact that North Korea has groups dedicated to stealing cryptocurrency is “unique”.

“As North Korea is heavily sanctioned, cryptocurrency theft is a matter of national security concern to them,” the expert said.

Sanctioned in 2019 by the United States, the Lazarus group gained notoriety in 2014 when it was accused of having hacked Sony Pictures Entertainment studios in retaliation for “The Interview”, the satirical film about North Korea.

Hackers linked to North Korea stole around $400 million in cryptocurrencies through cyberattacks in 2021, data analytics platform Chainalysis claimed in January.

(With AFP)