ALEX Lab, a Bitcoin DeFi application, has linked its recent exploit to the notorious North Korea-backed Lazarus Group.
Last month, ALEX Lab suffered a significant security breach that resulted in the loss of over $4 million worth of various tokens after attackers gained access to the private key controlling its XLink bridge.
In a June 15 statement, the project highlighted three crypto wallet addresses “crucial in tracing the culprits and the flow of stolen assets.” These addresses interacted with a Lazarus-related address, sending funds to a Tron address regularly used by the group.
As a result, it was concluded that the hacking incident was connected to the nefarious hacking group. It stated:
“After extensive forensic analysis and investigations facilitated by blockchain analyst ZachXBT who provided critical assistance on transaction tracing, there is substantial transaction evidence linking the attack to the Lazarus Group, a notorious hacker collective believed to be associated with the North Korean government.”
Over the past few years, Lazarus Group has emerged as one of the most notorious hacking groups targeting the crypto industry. A Chainalysis report estimated that the North Korean hackers have stolen over $3 billion in the past five years.
No asset recovery
Meanwhile, ALEX Lab revealed that most stolen STX tokens were frozen on centralized exchanges (CEXs). It added that it will inform users when the funds become available for return.
The project explained:
“Many of those STX that we traced to CEXs are currently frozen with the relevant exchanges indicating that they will continue to freeze stolen assets pending the police investigations.”
Further, it stated that it collaborated with the Singapore Police Force and cybersecurity experts to recover the stolen assets.
In the meantime, Alex Lab has resumed most of its operations, including token migration and reopening unaffected liquidity providers.