North Korean hackers at the infamous Lazarus Group have by the FBI been identified as responsible for stealing $41 million worth of crypto from the online crypto casino Stake.
The attack, which took place around September 4, drained funds over the blockchain networks Ethereum, BNB Chain (formerly Binance Smart Chain/BSC), Polygon and Bitcoin, the FBI said in a statement published on Wednesday this week.
The statement listed 33 wallet addresses believed to be involved in the attack, and officially attributed it to North Korea’s Lazarus Group (also known as APT38).
Unusual transactions on Monday
A crypto casino backed by the popular rapper Drake, Stake first experienced unusual outbound transactions on Monday.
The transactions were spotted by blockchain security firm PeckShield, which shared a link to the on-chain activity on X:
Other blockchain security firms followed up, with Beosin estimating the total loss to be around $41.35 million, encompassing $15.7 million on Ethereum, $7.8 million on Polygon, and another $17.8 million from Binance Smart Chain.
The activity sparked widespread concerns across the digital asset community at the time, with many calling it the latest rugpull in the market amid plunging prices.
Despite the major loss, services on the casino were resumed later the same day, with Stake simply telling their followers on X that they “apologise for any inconvenience.”
Since posting the apology on Monday, Stake has not mentioned anything about the hacking incident in its social media channels.
Among most infamous crypto hackers
Lazarus Group is known as one of the biggest criminal entities active in crypto, and is believed to be behind major hacks, with at least part of the stolen money allegedly being used to pay for North Korea’s nuclear weapons’ and ballistic missile program.
Among the best-known is Axie Infinity’s Ronin bridge hack, which the US Treasury Department and FBI has said Lazarus Group was behind.