The FBI made it official. On Thursday the FBI issued a report on Malicious Cyber Activity Posed by the Democratic People’s Republic of Korea, confirming that Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum, which might be the biggest crypto hack to date. Roughly $622 million was stolen from a blockchain-based gaming network. The Ronin Network, which powers the Axie Infinity game, confirmed the security breach. According to the network’s Substack post, Ronin was exploited for 173,600 Ethereum and 25.5 million USDC.
To approve any withdrawal or deposit, Ronin requires five of its nine validators to sign off on transactions to ensure funds are not moved by anyone with malicious intent. The attacker was able to control four Ronin validators and one validator linked to the Axie DAO, the decentralized autonomous organization associated with Axie Infinity. The attacker used hacked private keys in order to forge fake from the charges brought against Mark Robert Unkenholz of Hanover, Maryland for the willful transmission and retention of National Defense Information (NDI).
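The five-of-nine approval rule described above only protects funds if the nine keys sit in separate hands. The following sketch is an added example, not code from Ronin or from the original article: it audits how many distinct custody domains must be compromised to reach quorum. The validator IDs, the domain labels and the assignment of the remaining four validators to separate operators are constructed assumptions.

```python
from collections import Counter

# Constructed validator -> custody-domain map. The 4 + 1 split follows the
# article; the IDs, labels and the other four operators are assumptions.
VALIDATORS = {
    "v1": "ronin-operated", "v2": "ronin-operated",
    "v3": "ronin-operated", "v4": "ronin-operated",
    "v5": "axie-dao",
    "v6": "independent-a", "v7": "independent-b",
    "v8": "independent-c", "v9": "independent-d",
}
THRESHOLD = 5  # five of nine signatures approve a withdrawal or deposit


def approves(signers, validators=VALIDATORS, threshold=THRESHOLD):
    """True when at least `threshold` distinct known validators signed."""
    return len(set(signers) & set(validators)) >= threshold


def min_domains_to_quorum(validators, threshold):
    """Fewest custody domains whose combined keys reach the threshold."""
    held = sorted(Counter(validators.values()).values(), reverse=True)
    total = 0
    for count, keys in enumerate(held, start=1):
        total += keys  # taking the largest domains first is optimal
        if total >= threshold:
            return count
    return None  # threshold exceeds the number of validators


def quorum_report(validators=VALIDATORS, threshold=THRESHOLD):
    """Summarise key concentration relative to the signing threshold."""
    domain, keys = Counter(validators.values()).most_common(1)[0]
    return {
        "largest_domain": domain,
        "keys_held": keys,
        "keys_short_of_quorum": max(threshold - keys, 0),
        "min_domains_to_quorum": min_domains_to_quorum(validators, threshold),
    }


if __name__ == "__main__":
    print(quorum_report())
    spread = {f"v{i}": f"operator-{i}" for i in range(1, 10)}
    print(quorum_report(spread))
```

With the concentrated layout, the nominal five-party quorum reduces to two custody domains; with one key per operator it stays at five.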
A couple of days before the reported FBI attribution, Operation Tourniquet forced RaidForums to shut down, and its infrastructure was seized. The operation is described as a complex law enforcement effort coordinated by Europol to support independent investigations of the United States, United Kingdom, Sweden, Portugal, and Romania. The forum’s administrator and two of his accomplices were arrested.