The FBI has identified the North Korean-backed hacker group Lazarus as the culprit behind a cybercrime spree that saw $41 million stolen from a casino in 2018. The attack, which was first reported by cybersecurity firm Kaspersky at the time, marks the first public confirmation of Lazarus being behind a successful online robbery.
According to the FBI, the group was able to breach military computer networks in addition to several private banks, media companies and casinos. The hack on the casino was carried out using a combination of sophisticated cyber tools—developed by the group and distributed across a vast network of botnet computers—to gain access to the casino’s system.
Once inside, the hackers used automated scripts and malware to seize and steal up to $41 million from the casino’s customers. The stolen funds were then funneled to financial institutions and converted into laundered proceeds.
The investigation into the attack is ongoing and will likely take many more months, with the U.S. Justice Department leading the case. With the Lazarus Group identified as the perpetrator, U.S. officials have promised to act aggressively in order to bring the hackers to justice and secure any funds that were stolen.