Bitcoin-Based DeFi Protocol Alex Lab Identifies Hacker Behind $14 Million STX Theft

  • Bitcoin-based DeFi protocol, Alex Lab, recently disclosed new information regarding a security breach it encountered in May.
  • The project believes it has potentially identified the attacker, leveraging blockchain forensics and ongoing police investigations.
  • Significant financial losses and rapid forensic advancement underline the gravity and sophistication of the incident.

Discover the latest about Alex Lab’s hack investigation, revealing potential links to the infamous Lazarus Group. Stay informed on how the DeFi sector navigates complex security challenges.

Major DeFi Exploit Costs Alex Lab Millions

On May 15, Alex Lab Foundation found itself victimized by a severe phishing exploit, which resulted in a loss of millions from users’ funds. The attacker successfully obtained critical private keys through a well-orchestrated phishing scheme, granting them complete access to the protocol’s vaults.

This breach led to the unauthorized access and draining of numerous assets, including aBTC, sUSDT, XBTC, and several others. Fortunately, the core smart contract code and primary infrastructure remained secure, unaffected by the exploit.

The attacker managed to siphon off around 13.7 million Stacks (STX), with approximately 3 million STX distributed across multiple centralized exchanges like Binance, Kraken, OKX, Bybit, and Kucoin.

By May 16, Alex Lab had recovered a substantial portion of the compromised assets and was actively monitoring the exploiter’s wallets, having already alerted the involved exchanges.

Efforts to Recover Stolen Funds

The protocol reported that around $4 million worth of stolen funds were in the recovery phase, being traced back through centralized exchange channels. However, Alex Lab cautioned that retrieving all the stolen funds might not be possible, despite ongoing efforts.

Investigation Points to Lazarus Group

In a significant update on June 17, Alex Lab informed investors about new developments in the investigation. Despite attempts to engage with the exploiter, the DeFi protocol continued tracking the stolen assets.

Over the month, the attacker executed nearly 10,000 transactions, creating numerous new addresses to disperse the on-chain STX tokens, which were then transferred to centralized exchanges in smaller increments.

The sophistication of the exploit was evident as new wallets linked to the event multiplied daily. As of last week, around 8.3 million STX had been funneled into exchanges, with approximately 5.5 million STX still observable on-chain.

Forensic Analysis and Attribution

By June 24, critical progress was announced. Collaborating with blockchain analyst ZachXBT, Alex Lab revealed that forensic analysis had potentially identified the attacker as the notorious North Korean hacking conglomerate, Lazarus Group.

The initial analysis suggested that an address associated with the exploit forwarded funds to another address, which is linked to known Lazarus Group operations on the TRON network.

Alex Lab has facilitated communication between the centralized exchanges and the Singapore Police Force, aiming to address the implications of this cyber-attack comprehensively and recover the lost assets. The protocol continues to work alongside cybersecurity experts to mitigate the impact and improve defenses against future threats.


The Alex Lab hack serves as a stark reminder of the vulnerabilities in the DeFi sector. While the project has made strides in recovering some of the stolen assets and identifying possible suspects, the incident underscores the need for enhanced security measures and cooperation within the crypto community. The ongoing investigation and collaboration with global authorities reflect an industry-wide commitment to safeguarding user funds and maintaining trust in decentralized finance platforms.

Don't forget to enable notifications for our Twitter account and Telegram channel to stay informed about the latest cryptocurrency news.

Latest News

Major MKR Whale Deposits $7M to Binance, Alters Maker (MKR) Price Dynamics

Recent movements by a significant Maker (MKR)...

Upbit Sees 30% Trading Volume Drop Amid New South Korean Crypto Regulations

South Korea's new crypto regulations have significantly...

Cardano (ADA) Faces Critical Support Battle Amid Market Downturn: Will Bulls Defend Key Range?

Cardano, the 10th-largest cryptocurrency by market cap,...

Bitcoin Conference and Ethereum ETF Approval Set to Drive Crypto Market This Week

This week marks a pivotal moment for...

PRO Analysis

Dogwifhat Price Targets $4 Amid Strong Bullish Momentum

Dogwifhat is experiencing a notable upward momentum...

BOOK OF MEME Coin Soars 47% Amid Bullish Patterns: Potential To Hit $0.015

BOOK OF MEME price experiences a significant surge,...

PIXFI Faces Bearish Turn: Analysis and Key Levels for July 2024

#Pixelverse, a prominent crypto gaming platform, launched its...

Dogecoin Leads the Pack: 2024’s Top Dog-Themed Meme Coin Performance Analysis

In 2024, dog-themed meme coins such as...
Jocelyn Blake
Jocelyn Blake
Jocelyn Blake is a 29-year-old writer with a particular interest in NFTs (Non-Fungible Tokens). With a love for exploring the latest trends in the cryptocurrency space, Jocelyn provides valuable insights on the world of NFTs.

XRP Price Surges Amid Speculation of Ripple Settlement in Rescheduled SEC Meeting

XRP is once more in the spotlight as the SEC reschedules a crucial closed-door meeting set for July 25. ...

Major MKR Whale Deposits $7M to Binance, Alters Maker (MKR) Price Dynamics

Recent movements by a significant Maker (MKR) whale indicate a strategic approach to market engagement. This whale has been actively depositing...

Upbit Sees 30% Trading Volume Drop Amid New South Korean Crypto Regulations

South Korea's new crypto regulations have significantly impacted major exchanges. These regulations are designed to enhance the security and transparency of...