FBI confirms that North Korea was behind $41 million Stake.com exploit
Contents
This week the FBI issued a release confirming that the theft of approximately $41 million in crypto assets from Stake.com, an online casino and betting platform, was the work of North Koreaâs Lazarus Group. Lazarus stole these assets from Stake-controlled addresses on Ethereum, Binance Smart Chain (BSC), and Polygon blockchains and, as of yesterday, had moved them into the 40 crypto addresses identified in the FBIâs press release.
TRM's on-chain analysis of the hack and the post-theft movement of funds confirms DPRK involvement. The ETH and BSC assets have, for the most part, been swapped into unfreezable native assets but remain parked. The Polygon/MATIC were swapped and bridged via Squid Router. Those swaps generally went from MATIC to USDT or USDC and were moved to Avalanche. On Avalanche, they were swapped into wrapped BTC, then bridged to Bitcoin, where they now sit, parked. This type of activity is a hallmark of …
TRM's on-chain analysis of the hack and the post-theft movement of funds confirms DPRK involvement. The ETH and BSC assets have, for the most part, been swapped into unfreezable native assets but remain parked. The Polygon/MATIC were swapped and bridged via Squid Router. Those swaps generally went from MATIC to USDT or USDC and were moved to Avalanche. On Avalanche, they were swapped into wrapped BTC, then bridged to Bitcoin, where they now sit, parked. This type of activity is a hallmark of …
IoC
0004a76e39d33edfeac7fc3c8d3994f54428a0be
7d84d78bb9b6044a45fa08b7fe109f2c8648ab4e
94f1b9b64e2932f6a2db338f616844400cd58e8a
95b6656838a1d852dd1313c659581f36b2afb237
a26213638f79f2ed98d474cbcb87551da909685e
a2e898180d0bc3713025d8590615a832397a8032
ba36735021a9ccd7582ebc7f70164794154ff30e
bcedc4f3855148df3ea5423ce758bda9f51630aa
bda83686c90314cfbaaeb18db46723d83fdf0c83
e03a1ae400fa54283d5a1c4f8b89d3ca74afbd62
ff29a52a538f1591235656f71135c24019bf82e5
7d84d78bb9b6044a45fa08b7fe109f2c8648ab4e
94f1b9b64e2932f6a2db338f616844400cd58e8a
95b6656838a1d852dd1313c659581f36b2afb237
a26213638f79f2ed98d474cbcb87551da909685e
a2e898180d0bc3713025d8590615a832397a8032
ba36735021a9ccd7582ebc7f70164794154ff30e
bcedc4f3855148df3ea5423ce758bda9f51630aa
bda83686c90314cfbaaeb18db46723d83fdf0c83
e03a1ae400fa54283d5a1c4f8b89d3ca74afbd62
ff29a52a538f1591235656f71135c24019bf82e5