Unveiling the Alex Lab DeFi Protocol Hack
The Alex Lab Foundation was the target of a phishing attack that drained millions of dollars in user funds. The exploit occurred on May 15 and revealed vulnerabilities in the DeFi protocol's security infrastructure. Through the phishing scheme, the attacker obtained private keys, which gave them full control over the funds stored in the Alex Liquidity Pool vault.
The hacker targeted several assets in the vault, including aBTC, sUSDT, XBTC, xUSD, ALEX, atALEX, LiSTX, SKO, CHAX, $B20, ORDG, ORMM, ORNJ, TRIO, TX20, and STXS. Despite the breach, the protocol maintained that its underlying smart contract code and infrastructure remained intact.
Recovery Efforts and Asset Tracking
Following the attack, the Alex Lab DeFi Project swiftly took action to recover the stolen assets. By May 16, the team managed to reclaim most of the compromised funds and initiated monitoring of the exploiter’s wallets. The project also informed relevant centralized exchanges (CEXs) about the incident to prevent further asset dispersal.
- The admin hijack resulted in the draining of 13.7 million Stacks (STX)
- 3 million STX was sent to various CEXs for conversion
- Assets were transferred to exchanges like Binance, Kraken, OKX, and more
Unmasking the Lazarus Group Connection
As the investigation progressed, Alex Lab uncovered a possible connection between the exploit and the notorious Lazarus Group. The hacker executed around 10,000 transactions within a month, dispersing STX tokens across multiple addresses. The tokens were then transferred to CEXs in smaller increments to obfuscate the trail.
- Over 8.3 million STX were funneled to CEXs, totaling $14 million
- Approximately 5.5 million STX remained trapped in on-chain wallets
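The flow described in this section (dispersal across intermediate addresses, smaller deposits into CEXs, and a remainder left on-chain) is what a taint trace over the transfer history measures. The Python below is an added example, not Alex Lab's or any investigator's tooling; every address, exchange label and amount in it is constructed, and the rule that stolen funds leave an address first is an assumed tracing heuristic.

```python
from collections import defaultdict

# Constructed sample data: addresses, labels and amounts are invented.
EXCHANGE_LABELS = {"cex_dep_1": "ExchangeA", "cex_dep_2": "ExchangeB"}

TRANSFERS = [  # (timestamp, sender, recipient, amount in STX)
    (1, "exploiter", "hop_a", 600_000),
    (2, "exploiter", "hop_b", 400_000),
    (3, "hop_a", "hop_c", 250_000),
    (4, "hop_a", "cex_dep_1", 50_000),
    (5, "hop_c", "cex_dep_1", 45_000),
    (6, "hop_c", "cex_dep_2", 48_000),
    (7, "unrelated", "hop_b", 100_000),   # clean funds mixed into a hop
    (8, "hop_b", "cex_dep_2", 450_000),   # only 400,000 of this is stolen
]


def trace_taint(transfers, seed, seed_amount, exchange_labels):
    """Follow stolen funds forward from `seed` in time order.

    Assumed heuristic: when an address holding stolen funds sends a
    transfer, the stolen portion leaves first. Deposits to labelled
    exchange addresses are tallied and not followed further.
    Returns (stolen amount per exchange, stolen balance per on-chain address).
    """
    tainted = defaultdict(int)
    tainted[seed] = seed_amount
    to_exchanges = defaultdict(int)
    for _, sender, recipient, amount in sorted(transfers):
        moved = min(tainted[sender], amount)
        if moved == 0:
            continue  # sender holds no stolen funds at this point
        tainted[sender] -= moved
        if recipient in exchange_labels:
            to_exchanges[exchange_labels[recipient]] += moved
        else:
            tainted[recipient] += moved
    on_chain = {addr: amt for addr, amt in tainted.items() if amt > 0}
    return dict(to_exchanges), on_chain


if __name__ == "__main__":
    cex, remaining = trace_taint(TRANSFERS, "exploiter", 1_000_000, EXCHANGE_LABELS)
    print("Sent to exchanges:", cex)
    print("Still on-chain:", remaining)
```

The per-exchange totals are the figures an incident team would hand to each CEX with a freeze request, and the on-chain remainder is the set of addresses to keep under monitoring.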
Identifying the Attacker and Legal Action
A breakthrough in the investigation revealed that the attacker potentially belonged to the Lazarus Group. By tracing exploit addresses back to the hacker group, Alex Lab obtained crucial evidence linking the attack to the infamous cybercriminals. The project has engaged with law enforcement and cybersecurity experts to mitigate the impact of the breach and recover lost assets.
- The exploit address sent funds to a Lazarus Group-associated wallet
- Forensic analysis by crypto detective ZachXBT uncovered significant transaction evidence
Collaborative Efforts for Recovery
Amid ongoing investigations, Alex Lab has cooperated with CEXs and law enforcement, notably the Singapore Police Force. By leveraging expertise from cybersecurity professionals, the project aims to address the implications of the hack and maximize asset recovery efforts. The collaboration signals a united front against cyber threats in the DeFi space.