North Korean hackers recently stole approximately $620 million in crypto from the Ronin blockchain. How did the biggest cryptocurrency heist in history happen?
The answer sounds like the plot of the latest Hollywood action movie.
These are the details of the North Korean hackers’ major crypto heist.
FBI closes in on notorious North Korean hacker gang for crypto theft
In an official statement, the FBI communicated that they have closed in on the culprits of the cyber attacks.
They discovered that the Lazarus Group — the largest hacker gang in North Korea — had stolen the cryptocurrency with the intent of laundering it for the Kim Jong-Un regime.
As North Korea’s economy is highly sanctioned, the laundering of crypto was done to work around these limitations.
The biggest crypto heist in history consisted of 173,600 in Ethereum and 25.5 million in USDC, a stablecoin tied to the U.S. dollar.
However, this is not the Lazarus Group’s first job. According to reports, the North Korean hackers have stolen approximately $1 billion worth of cryptocurrency and cash over the years.
But how did they pull off a cyber theft of this size?
The NFT-based scene of the crime
There were two key factors that made the biggest crypto heist in history possible.
The first is Tornado Cash., a service that allows people to make it less clear where crypto came from one link to another in the blockchain. Tornado Cash was also used in the theft of $34 million from Crypto.com in January.
The second element and heavy lifting of the crime was through the NFT game, Axie Infinity. Through the game, the hackers were able to expose a vulnerability in the Ronin blockchain.
Additionally, it took the Ronin Network six days to notice the $620 million worth of crypto was gone.
“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk. Expect the bridge to be deployed by end of month. Security comes first. The timeline is subject to change based on the implementation time of several security measures.”— The Ronin Network
So, my takeaway from this story is simple.
Assets and investments that are not physically there are at risk.
All the cyber security measures in the world will eventually be worked around by those who are willing.
We clearly still have a long way to go before fully getting a handle on this crypto thing.
Until then, be great,