HQ/EMEAFind out how we can help your business
Stake.com, an online cryptocurrency casino, has reported a loss of $41 million to threat actors who targeted their ETH/BSC hot wallets. These unauthorised transactions led to the theft of over $40 million in cryptocurrency funds.
The affected entity quickly reassured its users that the attackers had not compromised their funds in other wallets, such as BTC, LTC, XRP, EOS, and TRX, and remained fully functional.
The crypto community experienced some challenges regarding their funds after the attack on Stake.com.
Based on reports, some users experienced difficulties depositing or withdrawing funds on Stake.com during this cybercriminal incident. However, the platform has now informed its community that its services have resumed, and users can once again deposit and withdraw funds in all supported currencies.
Blockchain investigators who tracked the flow of funds reported that the hackers stole $15.7 million in Ethereum and an additional $25.6 million in Binance Smart Chain (BSC) and Polygon, bringing the total amount lost in the hack to $41.3 million. This incident makes it one of the most significant cryptocurrency heists this year.
The substantial amount stolen from the Curacao-based betting platform raises concerns about the involvement of state-sponsored threat actors. However, no concrete evidence points in that direction, and investigators are not drawing quick conclusions.
In a related incident a few months ago, GitHub warned everyone about the North Korean state-sponsored Lazarus group. The group was linked to thefts of $35 million from Atomic Wallet in June, $60 million from Alphapo in July, and another $37.3 million from CoinsPaid in July.
Furthermore, the FBI recently notified the public of the North Korean hacking group’s activities, indicating that they were preparing to cash in on $41 million worth of stolen cryptocurrency, with signs of money laundering and money movement preparation.
Stake.com has not yet revealed specific details about the security breach that led to the compromise of their hot wallets. Typically, such breaches occur due to the leakage or compromise of private keys. Organisations should be careful with their private keys since most threat actors will likely target such tools to start their operations.
