Discover the latest about Alex Lab’s hack investigation, revealing potential links to the infamous Lazarus Group. Stay informed on how the DeFi sector navigates complex security challenges.
On May 15, Alex Lab Foundation fell victim to a severe phishing attack that resulted in the loss of millions in user funds. The attacker obtained critical private keys through a well-orchestrated phishing scheme, which granted complete access to the protocol’s vaults.
This breach led to the unauthorized access and draining of numerous assets, including aBTC, sUSDT, XBTC, and several others. Fortunately, the core smart contract code and primary infrastructure remained secure, unaffected by the exploit.
The attacker managed to siphon off around 13.7 million Stacks (STX), with approximately 3 million STX distributed across multiple centralized exchanges, including Binance, Kraken, OKX, Bybit, and KuCoin.
By May 16, Alex Lab had recovered a substantial portion of the compromised assets and was actively monitoring the exploiter’s wallets, having already alerted the involved exchanges.
The protocol reported that around $4 million worth of stolen funds was in the process of being recovered, traced through centralized exchange channels. However, Alex Lab cautioned that retrieving all the stolen funds might not be possible, despite ongoing efforts.
In a significant update on June 17, Alex Lab informed investors about new developments in the investigation. Alongside its attempts to engage with the exploiter, the DeFi protocol continued tracking the stolen assets.
Over the month, the attacker executed nearly 10,000 transactions, creating numerous new addresses to disperse the on-chain STX tokens, which were then transferred to centralized exchanges in smaller increments.
The sophistication of the exploit was evident as new wallets linked to the event multiplied daily. As of last week, around 8.3 million STX had been funneled into exchanges, with approximately 5.5 million STX still observable on-chain.
By June 24, critical progress was announced. Collaborating with blockchain analyst ZachXBT, Alex Lab revealed that forensic analysis had potentially identified the attacker as the notorious North Korean hacking conglomerate, Lazarus Group.
The initial analysis suggested that an address associated with the exploit forwarded funds to another address, which is linked to known Lazarus Group operations on the TRON network.
Alex Lab has facilitated communication between the centralized exchanges and the Singapore Police Force, aiming to address the implications of this cyber-attack comprehensively and recover the lost assets. The protocol continues to work alongside cybersecurity experts to mitigate the impact and improve defenses against future threats.
The Alex Lab hack serves as a stark reminder of the vulnerabilities in the DeFi sector. While the project has made strides in recovering some of the stolen assets and identifying possible suspects, the incident underscores the need for enhanced security measures and cooperation within the crypto community. The ongoing investigation and collaboration with global authorities reflect an industry-wide commitment to safeguarding user funds and maintaining trust in decentralized finance platforms.