North Korea-backed hacker organization Lazarus Group was behind the US$41 million hack of online crypto gambling platform on Monday, the U.S. Federal Bureau of Investigation (FBI) confirmed in a statement Wednesday.

See related article: Tornado Cash founders charged with money laundering crypto, including proceeds from North Korean heists

Fast facts

  • The stolen crypto assets were moved from’s Ethereum, Binance Smart Chain (BSC), and Polygon networks to 33 different addresses, according to the FBI.
  • The FBI said hackers from the Democratic People’s Republic of Korea (DPRK) have stolen over US$200 million of digital currencies this year, including funds siphoned off Alphapo and CoinsPaid crypto platforms earlier this year.
  • U.S. authorities had said that funds stolen by DPRK-backed cyber actors are used to support North Korea’s weapons programs. 
  • Lazarus Group previously used the now-sanctioned Tornado Cash to move illicit funds. But after the sanctions, Lazarus utilized chain-hopping to launder some of the funds stolen from Ronin, according to Chainalysis.
  • Meanwhile, the U.S., Japan and South Korea on Aug. 18 agreed to establish a trilateral working group to tackle North Korean cyberattacks as early as next month, according to South Korea’s KBS News.

See related article: North Korean hackers move 41,000 ETH stolen from Harmony Bridge attack