Key Points
- Bitcoin infrastructure protocol Alex Lab accuses Lazarus Group of a $4.3 million exploit.
- Alex Lab’s investigation, with the help of independent blockchain investigator ZachXBT, found substantial evidence linking the attack to the Lazarus Group.
Alex Lab, a Bitcoin infrastructure protocol, has blamed the Lazarus Group for a $4.3 million exploit.
The accusation comes in the wake of a thorough investigation carried out by Alex Lab’s expert team, in conjunction with independent blockchain investigator ZachXBT.
Details of the Exploit
In a social media post, Alex Lab disclosed that it had pinpointed three wallets implicated in the exploit, all supposedly belonging to the notorious North Korean hackers. These hackers, believed to be supported by the North Korean government, have a track record of numerous exploits and scams.
Alex Lab, with the help of ZachXBT, claimed to have collected enough evidence to link the hackers to the attack on their platform, which took place on May 15, 2024.
“Substantial transaction evidence linking the attack to the Lazarus Group was found after comprehensive forensic analysis and investigations, facilitated by blockchain analyst ZachXBT,” reported Alex Lab.
Impact of the Attack
Alex Lab was one of several blockchain platforms targeted by cybercriminals last month. The attackers exploited weaknesses in Alex Lab’s XLink bridge, a feature intended to assist users in transferring their assets across various blockchains.
The exploit led to the theft of $4.3 million, including $300,000 worth of Bitcoin (BTC), $3.3 million in stablecoins, and Sugar Kingdom (SKO) tokens worth $75,000.
At the time of the attack, the Alex Foundation, the nonprofit organization overseeing the platform, claimed they had identified the attacker and proposed a 10% bounty in exchange for the return of 90% of the stolen funds. The organization even set a deadline of May 18 for the culprits to comply.
Despite the deadline passing without any response from the hackers, Alex Lab attributed the attack to the Lazarus Group.
Alex Lab is currently collaborating with law enforcement to recover the stolen funds and has enhanced its security protocols to prevent future incidents.
Previous Hacks by Lazarus Group
This is not the first time the Lazarus Group has been implicated in an attack in the crypto industry. The group is notorious for high-profile hacks, including the Ronin Network attack in 2022, which resulted in a $650 million loss, and the $100 million exploit on the Harmony bridge.
In June 2023, blockchain security firm Elliptic reported the hackers may also be responsible for the theft of $35 million stolen from Atomic Wallet.
That same year, another cyber security firm, Recorded Future, revealed that the group had stolen a total of $3 billion from the crypto industry in nearly seven years.