The Lazarus Group, a North Korean hacker organization, was responsible for swiping $41 million in digital assets from the crypto casino Stake this week, according to a statement released on Thursday by the FBI.
The Drake-backed gambling firm, which initially described a batch of associated transactions as “unauthorized transfers,” notified users that a Stake-led investigation was underway Monday shortly after the attack took place.
Sharing the results of its own investigation, the FBI listed addresses for dozens of digital wallets that purportedly contain stolen digital funds. Lazarus Group funneled crypto across Bitcoin, Ethereum, Polygon, and Binance Smart Chain networks, the FBI said.
Attackers’ digital fingerprints connect the attack by Lazarus Group to other recent heists, such as a $100 million theft from Atomic Wallet in June and $60 million stolen from projects Aplhapo and CoinsPaid in July, the agency claimed.
North Korea’s Lazarus Group has become a thorn in the side of many crypto projects over the past several years. The crypto analytics firm Elliptic said in June that the Lazarus group has stolen over $2 billion in digital assets across multiple thefts.
Last April, the U.S. Treasury Department connected the hacker group to a $622 million exploit that drained the Ronin Network, an Ethereum sidechain used by the play-to-earn crypto game Axie Infinity. It was one of the biggest crypto exploits ever.
As the North Korean hacking group has sought to cover its digital tracks, the Lazarus Group’s on-chain activity has impacted coin-mixing protocol Tornado Cash. The service, which advocates say is a privacy tool, was sanctioned last year by the Treasury Department for allegedly helping launder $7 billion worth of cryptocurrency.
The individual, Roman Storm, was charged with conspiracy to commit money laundering, sanctions violations, and conspiracy to operate an unlicensed money-transmitting business.