US claims North Korea’s ‘Lazarus Group’ responsible for Axie Infinity hack


Authorities in the US have blacklisted an Ethereum wallet containing over 100,000 units of the stolen funds.


Updated: April 15, 2022 at 11:29 am


The U.S. Treasury Department has claimed that the North Korean hacker group Lazarus is responsible for the $625 million hack of the Axie Infinity Ronin bridge.

The agency added an Ethereum (ETH) address containing some of the stolen cryptocurrency to its sanctions list. As of April 14, the wallet held about 148,000 ETH.

THREAD: Updates to OFAC’s SDN designation for Lazarus Group confirm that the North Korean cybercriminal group was behind the March hack of Ronin Bridge, in which over $600 million worth of ETH and USDC was stolen.

— Chainalysis (@chainalysis) April 14, 2022

Crypto analytics firm Chainalysis confirmed that the wallet received a significant part of the stolen funds, while Elliptic recently revealed that about 14% of the amount has been laundered.

Who is the Lazarus Group?

The Lazarus group is a North Korean state-backed cybercrime unit that has been involved in several high-profile crypto heists in recent years.

Lazarus first came into the limelight in 2018 for stealing over $200 million in crypto from Gate.io and has continued to gain notoriety.

In 2020, the group was also involved in stealing about $300 million worth of digital assets from KuCoin, a Singapore-based crypto exchange.

Lazarus has begun to “deploy high-level techniques to steal and launder crypto profited from various cybercrime attacks” and is suspected to be backed by the DPRK government. A recent report revealed that parts of the Lazarus group have been using hacks to finance North Korea’s missile programs.

What is Ronin Network doing about the hack?

Ronin Network said in a blog that it is adding more security measures to the Ronin bridge to reduce the risk of a future occurrence and expects to redeploy the bridge by the end of the month.

Ronin network is an Ethereum side chain that hosts the Axie Infinity play-to-earn game. The developer of the game, Sky Mavis, uses it because it offers a better scalability option, which is a requirement for a platform like Axie Infinity.

Meanwhile, Axie Infinity raised $150 million from its investors to refund affected users. While the Ronin bridge isn’t back up yet, users can now withdraw via Binance.

CryptoSlate recently reported that the platform lost a sizeable number of its users even before the hack.

What the US sanction means for the wallet

With the U.S. blacklisting the wallet that holds a significant part of the funds, the group would have a much more difficult time converting the stolen funds into fiat.

The hacker has to use a centralized exchange to convert the stolen funds because it requires significant liquidity.

A spokesperson for the Treasury said:

Identification of the wallet will make clear to other VC actors that by transacting with it, they risk exposure to U.S. sanctions. This demonstrates Treasury’s commitment to using all available authorities to disrupt malicious cyber actors and block ill-gotten criminal proceeds.

Thus, it will now be impossible to transfer the funds in the wallet to a centralized exchange without getting flagged.
