Lazarus hacks Axie Infinity
U.S. officials have linked North Korean state-backed hacking group Lazarus to the recent theft of $625 million in cryptocurrency from the Ronin Network, an Ethereum-based sidechain made for the popular play-to-earn game Axie Infinity.
The Treasury Department’s Office of Foreign Assets Control (OFAC) on Thursday announced new sanctions against an Ethereum wallet belonging to Lazarus. Blockchain analysis firms Elliptic and Chainalysis have both confirmed that the U.S. Treasury’s wallet address is identical to the one used in the Ronin hack, which saw the attackers exploit the network for 173,600 ether, or about $597 million, and $25.5 million worth of the stablecoin USDC. The heist, which totaled $625 million at the time, is the largest decentralized finance hack to date, according to the DeFiYield REKT database, which tracks DeFi scams, hacks and exploits.
Axie Infinity creator raises $150M round to compensate victims of ~$625M Ronin hack
The wallet itself — which held 148,000 ether as of Thursday — was discovered by the FBI as part of its ongoing investigation of the threat posed by North Korea and state-sponsored actors like Lazarus Group. Blockchain analysis firm Elliptic estimated that 14% of the stolen funds had already been laundered, while another $9.7 million worth is in intermediary wallets in preparation for laundering.
The newly announced sanctions prohibit U.S. individuals and entities from making transactions with the identified Ethereum account. This ensures the state-sponsored group — which has previously been linked to a 2014 hack on Sony Pictures and the 2017 WannaCry ransomware attacks — can’t cash out through U.S.-based crypto exchanges any further funds they continue to hold.
In an updated post about the incident, the Ronin Network, which is owned by developer group Sky Mavis, said it expects to deliver a full post-mortem of the crypto-heist by the end of the month.
According to a recent report by blockchain analysis firm Chainalysis, North Korean hackers launched at least seven attacks on cryptocurrency platforms last year to steal almost $400 million worth of digital assets. As per the report, the Lazarus Group is suspected of carrying out the attacks.
Lazarus hacks Axie Infinity
