North Korea hackers accused of Axie Infinity crypto heist

North Korea’s hacking programme dates back to the mid-1990s and is believed to employ some 6,000 people.

The blockchain-based game Axie Infinity with rotund orange, green and turquoise characters in a woodland scene
The enormous heist focused on people playing the Axie Infinity game [File: Sky Mavis via Reuters]

The United States has linked North Korean hackers to a multi-million dollar cryptocurrency heist last month focusing on players of the popular Axie Infinity game.

The March hack of Blockchain project Ronin was one of the biggest to hit the crypto world, raising huge questions about security in an industry that only recently burst into the mainstream thanks to celebrity promotions and promises of untold wealth.

The Ronin network allows users to transfer crypto in and out of the game.

“Through our investigations we were able to confirm Lazarus Group and APT38, cyber actors associated with [North Korea], are responsible for the theft,” the FBI said in a statement.

Lazarus rose to prominence in 2014 when it was accused of hacking into Sony Pictures Entertainment as revenge for “The Interview,” a satirical film that mocked North Korean leader Kim Jong Un. It has also been accused of involvement in the “WannaCry” ransomware attacks, as well as hacking international banks and customer accounts.

“The United States is aware that the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs as it tries to evade robust US and UN sanctions,” a Treasury Department spokesperson said, using the initials of North Korea’s official name.

North Korea’s hacking programme dates back to at least the mid-1990s and has grown to a 6,000-strong cyber warfare unit, known as Bureau 121, that operates from several countries, including Belarus, China, India, Malaysia and Russia according to a 2020 US military report.

In the case of the Axie Infinity heist, attackers exploited weaknesses in the set-up put in place by the Vietnam-based firm behind the game, Sky Mavis.

The company had to solve a problem: the ethereum blockchain, where transactions in the ether cryptocurrency are logged, is relatively slow and expensive to use.

To allow Axie Infinity players to buy and sell at speed, the firm created an in-game currency and a sidechain with a bridge to the main ethereum blockchain.

The result was faster and cheaper, but ultimately less secure.

The attack pinpointing its blockchain netted 173,600 ether and $25.5 million-worth of stablecoin, a digital asset pegged to the US dollar.

The US is pushing the UN Security Council to blacklist the Lazarus Group and freeze its assets, according to a draft resolution reviewed by the Reuters news agency on Wednesday.

Source: News Agencies