Alex Labs, a layer-2 developer for Bitcoin, was exploited for $4 million in May 2024. The team now believes the attack was orchestrated by the infamous North Korean Lazarus Group.
According to details shared in a June 25 post, Alex Labs disclosed three wallet addresses used in the May 16 exploit.
Lazarus group linked to exploit
The team revealed that it has collaborated with on-chain investigator ZachXBT. The investigation has unearthed evidence that links the attack to the Lazarus group.
An address identified by ‘0x418e…0c4e’ was directly linked to the exploit. Funds from this address were sent to another address ‘0x63…BeA3.’
The second address then transferred the funds to a Tron wallet, which had been previously associated with the Lazarus group.
Alex Lab’s BNB Smart Chain bridge was compromised in the attack. The attackers managed to drain $4.3 million worth of funds.
Additionally, $13.7 million worth of the Stacks (STX) token was also siphoned off. However, these funds were funnelled through centralised cryptocurrency exchanges.
On June 20, Alex Labs disclosed that the exploiter broadcasted over 11,800 STX transactions. Several defi protocols and bridges were used in the process. Some notable names include Arkadiko, Bitflow and Allbridge.
A portion of funds recovered
In subsequent updates on June 25, the defi protocol disclosed that it was in contact with the Singapore Police Force and the relevant cryptocurrency exchanges.
As a part of the collaboration, a portion of the STX has been frozen. Per an earlier update, this included more than $3.9 million in funds.
The defi protocol has also vowed to implement additional security protocols to prevent similar mishaps in the future.
Alex Labs concluded:
Regular updates will be provided as our investigation progresses and recovery efforts continue.
According to Alex Labs, the exploit resulted from hackers gaining access to internal private keys. The team confirmed that the protocol’s smart contracts were not compromised.
At the time, a 10% bounty was offered to the attacker for returning 90% of the stolen funds. The team also pledged to discontinue the legal investigation if the funds were returned.
However, there was no response from the attacker.
Previously, the Lazarus group has been linked to several attacks in the cryptocurrency sector.
The group was responsible for stealing approximately $170 million from crypto exchange Huobi in November 2023. They were also allegedly behind the infamous Ronin Bridge attack.
Reports suggest the criminal actors were responsible for more than $300 million worth of crypto funds lost in 2023 alone.
A United Nations panel is currently investigating 58 cyberattacks allegedly conducted by the group.
The post DeFi protocol Alex Labs suspects Lazarus group’s involvement in $4 M hack appeared first on Invezz