Alex Lab DeFi Protocol Hacked: $4M Stolen 😱

Alex Lab DeFi Protocol Hacked: $4M Stolen 😱

Unveiling the Alex Lab DeFi Protocol Hack

In a shocking turn of events, the Alex Lab Foundation was the target of a phishing attack that drained millions of dollars in user funds. The exploit occurred on May 15, revealing vulnerabilities in the DeFi protocol’s security infrastructure. The attacker gained access to private keys through a phishing scheme, allowing them full control over the funds stored in the Alex Liquidity Pool vault.

The hacker targeted several assets in the vault, including aBTC, sUSDT, XBTC, xUSD, ALEX, atALEX, LiSTX, SKO, CHAX, $B20, ORDG, ORMM, ORNJ, TRIO, TX20, and STXS. Despite the breach, the protocol maintained that its underlying smart contract code and infrastructure remained intact.

Recovery Efforts and Asset Tracking

Following the attack, the Alex Lab DeFi Project swiftly took action to recover the stolen assets. By May 16, the team managed to reclaim most of the compromised funds and initiated monitoring of the exploiter’s wallets. The project also informed relevant centralized exchanges (CEXs) about the incident to prevent further asset dispersal.

  • The admin hijack resulted in the draining of 13.7 million Stacks (STX)
    • 3 million STX was sent to various CEXs for conversion
  • Assets were transferred to exchanges like Binance, Kraken, OKX, and more

Unmasking the Lazarus Group Connection

As the investigation progressed, Alex Lab uncovered a possible connection between the exploit and the notorious Lazarus Group. The hacker executed around 10,000 transactions within a month, dispersing STX tokens across multiple addresses. Subsequent transfers to CEXs in smaller increments aimed to obfuscate the trail.

  • Over 8.3 million STX were funneled to CEXs, totaling $14 million
  • Approximately 5.5 million STX remained trapped in on-chain wallets

Identifying the Attacker and Legal Action

A breakthrough in the investigation revealed that the attacker potentially belonged to the Lazarus Group. By tracing exploit addresses back to the hacker group, Alex Lab obtained crucial evidence linking the attack to the infamous cybercriminals. The project has engaged with law enforcement and cybersecurity experts to mitigate the impact of the breach and recover lost assets.

  • The exploit address sent funds to a Lazarus Group-associated wallet
  • Forensic analysis by crypto detective ZachXBT uncovered significant transaction evidence

Collaborative Efforts for Recovery

Amid ongoing investigations, Alex Lab has cooperated with CEXs and law enforcement, notably the Singapore Police Force. By leveraging expertise from cybersecurity professionals, the project aims to address the implications of the hack and maximize asset recovery efforts. The collaboration signals a united front against cyber threats in the DeFi space.

Read Disclaimer
This content is aimed at sharing knowledge, it's not a direct proposal to transact, nor a prompt to engage in offers. Lolacoin.org doesn't provide expert advice regarding finance, tax, or legal matters. Caveat emptor applies when you utilize any products, services, or materials described in this post. In every interpretation of the law, either directly or by virtue of any negligence, neither our team nor the poster bears responsibility for any detriment or loss resulting. Dive into the details on Critical Disclaimers and Risk Disclosures.

Share it

Alex Lab DeFi Protocol Hacked: $4M Stolen 😱