Research and Proof of Evidence

The researchers gathered evidence connecting Lazarus to the exploit working with independent blockchain sleuth ZachXBT. Alex Lab told users on May 16 that attackers had syphoned out around $4.3 million by using its BNB Smart Chain bridge. Furthermore used were about $13.7 million worth of Stacks (STX) tokens, some of which were transmitted to controlled exchanges and later locked.

This Might Interest You: Biden Likely to Win Popular Vote, But Not Presidency, According to Prediction Markets

Alex Lab revealed on June 20 that the assailant had off-ramped the stolen STX utilizing numerous DeFi protocols and bridges including Arkadiko, Bitflow, and Allbridge, transmitting over 11,800 STX transactions. Though the smart contracts of the Alex Protocol were never hacked, the vulnerability included hackers obtaining access to the team’s private keys.

Alex Lab pledged to stop legal action should the 90% of the pilfers be recovered and gave the attackers a 10% reward for this purpose. The assailants did not answer the reward appeal, however.

Affective on ALEX Token

Alex Lab’s native ALEX token has sunk 10% in the previous week and dropped 47% over the past month, therefore the exploit has had a big effect on its pricing. Right now it is trading at $0.07.

Click here to get the latest news from Coin Engineer!

The post Alex Lab Suspects $4 Million Exploit Linked to North Korea’s Lazarus Group appeared first on Coin Engineer.

According to security expert CertiK, the hackers probably obtained a secret key that was in charge of ALEX’s XLink bridge, which enables users to move tokens between several blockchains. The hacker moved stablecoins worth $3.3 million, bitcoin (BTC) worth over $300,000, and Sugar Kingdom (SKO) tokens for $75,000.

In an early European hour message, ALEX developers acknowledged the hack and said they knew who the perpetrator was. The group gave them a 10% reward for returning 90% of the money that had been taken.

“ALEX Lab Foundation has identified the individual responsible for the recent security breach and is offering a resolution through a bounty arrangement,” the developers stated. “Alex guarantees that there will be no more pursuit or law enforcement involvement after compliance. Offer valid until May 18 at 08.00 UTC.”

To stop such abuse, the team stated that major exchanges have frozen funds linked to the hacker.

Compromises of private keys are among the most often used attack methods by hackers. Poor private key security was the cause of some of the largest cryptocurrency attacks, including Harmony’s $100 million hack in the same year and Ronin’s $650 million drain.

The post ALEX Lab Hacked: $4.3 Million in Crypto Stolen appeared first on Coin Engineer.