Alex Lab Links $4M Exploit to North Korean Lazarus Group
Highlights:
- Using substantial transaction evidence, Alex Lab links a $4 million exploit to North Korea’s Lazarus Group.
- The May exploit involved siphoning $4.3 million and $13.7 million of Stacks (STX) tokens.
- Despite offering a 10% bounty, the attackers did not return the stolen funds.
Bitcoin layer-2 developer Alex Lab suspects the $4 million exploit it experienced in May was orchestrated by the formidable North Korean hacking collective Lazarus Group. The exploit involved siphoning about $4.3 million and $13.7 million of the Stacks (STX) token.
Advertisement
Suspected Culprits and Evidence
On June 25, Alex Lab shared findings pointing to three wallet addresses used by hackers on May 16 to drain funds from the Bitcoin-based decentralized finance (DeFi) protocol. They collaborated with independent blockchain sleuth ZachXBT to compile evidence linking Lazarus to the exploit.
Update on the ALEX Incident Investigation
Dear ALEX Community,
We wish to share an important update on the ALEX incident investigation from last month, which resulted in unauthorized access and the loss of funds. We understand the severity of this issue and are committed to full…— ᛤ ALEX 🟧 THE Finance Layer on Bitcoin ᛤᛤᛤ (@ALEXLabBTC) June 25, 2024
In a detailed statement on X, formerly Twitter, Alex Lab revealed,
After extensive forensic analysis and investigations facilitated by blockchain analyst ZachXBT, substantial transaction evidence links the attack to the Lazarus Group.
The hackers exploited around $13.7 million worth of Stacks (STX) tokens. Some of the exploited funds were sent to centralized exchanges and subsequently frozen. The breach involved the hackers gaining access to the team’s private keys. However, the smart contracts of the Alex Protocol remained uncompromised.
Transaction Tracing and Forensic Analysis
On May 16, Alex Lab notified users about the attack on their BNB Smart Chain bridge. The attackers siphoned off around $4.3 million worth of funds. By June 20, the team reported that the attackers had broadcast over 11,800 STX transactions, using several DeFi protocols and bridges, including Arkadiko, Bitflow, and Allbridge, to launder the stolen STX.
ALEX Security Update
Dear Community,
We want to keep everyone informed about the recent attack and our ongoing efforts to address the situation with ALEX. Yesterday, we became aware of an exploit using compromised private keys obtained via a phishing attack. The exploiter was…— ᛤ ALEX 🟧 THE Finance Layer on Bitcoin ᛤᛤᛤ (@ALEXLabBTC) May 16, 2024
Alex Lab stated, “The following blockchain addresses and transactions were crucial in tracing the culprits and the flow of stolen assets: Initial Exploit Link: Address 0x418e337774d26365efeaa4700e889a9746330c4e was directly linked to the XLink/ALEX Exploit. That address sent funds to 0x639F61cA3E0e3fDCd654DC4A22579e7382dEBeA3. Connection to Lazarus Group: Address 0x639F61cA3E0e3fDCd654DC4A22579e7382dEBeA3 used a known Lazarus TRON address (TSMQQM9NMumDfZryQCtsKT5d5kgt7Ck2rm).”
Response and Recovery Efforts
In response to the attack, Alex Lab offered the attackers a 10% bounty to return 90% of the stolen funds and promised not to pursue legal action if the funds were returned. However, the attackers did not respond to the bounty request.
Alex Lab also facilitated contact between the Singapore Police Force and relevant cryptocurrency exchanges as part of the ongoing investigation. They stated,
Many of those STXs that we traced to CEXs are currently frozen, with the relevant exchanges indicating that they will continue to freeze stolen assets pending the police investigations. The Foundation will make an appropriate announcement once these frozen funds can be returned to the affected users.
Alex Lab remains committed to restoring the integrity of its platform and preventing future breaches. The team stated,
We are actively collaborating with international law enforcement and cybersecurity experts to address this attack’s implications and recover lost assets. Enhanced security protocols are being implemented to fortify our platform against similar threats.
The incident has significantly impacted the trading value of the ALEX token. Over the past week, it has slumped 18% and is down 48% over the last month. It is currently trading at $0.07269.
Read More
- SHIB Trader Reaps $8.3M in Market Slump—March Peak Could’ve Hit Over $30M
- Best Crypto Exchanges in 2024
Advertisement
Raymond Munene
Raymond Munene is a crypto content writer who contributes to Crypto2Community. With over three years of experience, he is interested in Bitcoin, Blockchain, and Technical Analysis. Focusing on daily market analysis, his research helps traders and investors alike. His particular interest in cryptocurrency and blockchain aids his audience.
View full profile ›ℹ️About Crypto2Community's Editorial Process
Crypto2Community's editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict editorial policy and sourcing standards, and each page undergoes diligent review by our team of top crypto industry experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
