Alex Lab, a Bitcoin layer-2 developer, has suggested that the $4 million exploit it suffered in May could be connected to the notorious North Korean hacking group, Lazarus Group.
In a June 25 post on X, the team identified three wallet addresses used by hackers on May 16 to siphon funds from its Bitcoin-based DeFi protocol, hinting at a possible connection to the Group.
The investigation revealed that address 0x418e337774d26365efeaa4700e889a9746330c4e initiated the exploit, transferring funds to 0x639F61cA3E0e3fDCd654DC4A22579e7382dEBeA3. This second address was found to be linked to a known Lazarus TRON address, suggesting the Group’s involvement.
Update on the ALEX Incident Investigation
Dear ALEX Community,
We wish to share an important update on the ALEX incident investigation from last month, which resulted in unauthorized access and the loss of funds. We understand the severity of this issue and are committed to full…— ᛤ ALEX 🟧 THE Finance Layer on Bitcoin ᛤᛤᛤ (@ALEXLabBTC) June 25, 2024
The Alex Lab team had informed the users of its Alex Protocol on May 16 that attackers had exploited its BNB Smart Chain bridge, stealing approximately $4.3 million. The hackers targeted about 13.7 million Stacks (STX) tokens and conducted over 11,800 STX transactions. They used various DeFi protocols and bridges, including Arkadiko, Bitflow, and Allbridge, to off-ramp the stolen STX.
At the time, the team also assured users that the protocol’s smart contracts were not compromised during the breach.
In an attempt to recover the funds, the team offered the attackers a 10% bounty for returning 90% of the stolen assets and promised to forego legal action. However, this offer received no response.
The company is now actively collaborating with international law enforcement and cybersecurity experts to address the attack’s implications and recover lost assets.
Alex Lab stated in the latest post,
“We are actively collaborating with international law enforcement and cybersecurity experts to address the implications of this attack and to recover lost assets. Enhanced security protocols are being implemented to fortify our platform against similar threats.”
The team also noted that they were working with a pseudonymous blockchain sleuth, ZachXBT, on the investigation.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
