Crypto casino Stake hit in $41m theft by North Korean hackers, says FBI

By Manuel

11th September 2023

The Federal Bureau of Investigation (FBI) says North Korean hackers were behind the theft of more than $40 million from a leading crypto casino earlier this month. It said that Stake, which offers a range of casino games as well as sports betting, was hit on or around September 4.

In a statement, the FBI said it has collected evidence showing that the Lazarus Group – which is sometimes referred to as APT38 – was behind the attack on the crypto casino. Lazarus Group is composed of “DPRK cyber actors”, according to the FBI.

Stolen funds that were associated with the Ethereum, Binance Smart Chain and Polygon networks from Stake.com were moved into Lazarus Group accounts, the investigation showed. Bitcoin, Litecoin and XRP were able to remain fully operational throughout the hack, said Stake.

“The FBI will continue to expose and combat the DPRK’s use of illicit activities to generate revenue for the regime, including cybercrime and virtual currency theft,” the FBI statement said.

DPRK cyber actors are said to have stolen over $200 million since the start of the year, including taking around $60 million of virtual currency from Alphapo and CoinsPaid in July. A further $100 million of virtual currency was stolen in June by the group, from Atomic Wallet.

Operating in countries as far afield as the UK, Canada, Brazil and Japan, Stake has become one of the biggest names in the rapidly expanding world of crypto casinos.

With brand ambassadors such as Drake signed up, Stake has also used sports sponsorships to increase its reach, teaming up with the likes of English football team Everton, although a proposed deal to become the new shirt sponsor of Chelsea was scuppered by fans’ response.

Writing on Medium in response to the FBI investigation, Stake’s co-founder Ed Craven said none of the crypto casino’s user funds were ever compromised and the hack had been flagged internally within 20 minutes of the incident getting under way.

While Stake was able to get quickly back up and running in the wake of the hack, Craven confirmed two affected games would remain offline while the site’s investigations conclude.

“As a major company, we continue to invest in our cyber security all the time as we know it is essential to adapt quickly to emerging threats,” he wrote in the post. “Nonetheless, this recent event proved that no-one is immune from malicious exploits from external actors.”

Craven added investment in security at the crypto casino site will continue “in order to protect our ever growing, dedicated player base”.