Venus Successfully Retrieves $13.5 Million Stolen in Phishing Incident Linked to Lazarus Group
In a significant turn of events, the Venus Protocol has announced the successful recovery of $13.5 million in crypto stolen from one of its users. The theft, which was traced back to the North Korea-backed Lazarus Group, was the result of a sophisticated phishing attack.
Kuan Sun, the victim in the crypto theft, was the first to reveal that blockchain security firm SlowMist traced the hacker's origins to the Lazarus Group. Kuan Sun, who was not previously mentioned as being involved in the recovery process, later provided information about the involvement of multiple teams in the recovery effort.
The recovery effort involved teams from Binance, PeckShield, and Venus, in addition to the blockchain security firm SlowMist. Kuan Sun described the recovery process as a "battle against the Lazarus Group," adding a personal perspective to the recovery effort.
Venus paused the platform immediately after the suspicious activity was detected. An emergency governance vote was initiated by Venus, authorising the forced liquidation of the attacker's wallet. The forced liquidation of the attacker's wallet enabled the quick recovery of the stolen funds within 12 hours.
Kuan Sun expressed his victory in the recovery process by saying, "And together, as a team, we won." This sentiment was echoed by the teams involved, demonstrating the collaborative nature of the recovery effort.
The attackers gained delegated control over the victim's account, allowing them to drain millions in stablecoins and wrapped assets. However, the swift and effective response from the recovery teams prevented further losses.
It is important to note that the attackers exploited a malicious Zoom client to deceive the victim. This underscores the need for vigilance and security measures, even in seemingly routine activities.
The story is an excerpt from the Unchained Daily newsletter, a trusted source for updates on the crypto and blockchain industry. As the industry continues to evolve, such incidents serve as reminders of the importance of security measures and the power of collaboration in overcoming challenges.
