The US Treasury linked the North Korean hacker group Lazarus to last month’s attack that extracted more than $600 million from Ronin.

According to US federal agents, the North Korea-based hacker group Lazarus is connected to the theft of more than $600 million from the Ronin platform, the network that supports the popular video game Axie Infinity.

The US Treasury Department confirmed the hackers' connection to the recent attack in an update to its list of sanctioned entities. According to some reports, the agency's Office of Foreign Assets Control on Thursday added an Ethereum wallet address previously identified as the Ronin bridge exploiter.

According to CoinDesk, blockchain analytics firm Chainalysis also stated in a tweet that the address played a crucial role in the Ronin attack. The Ronin team updated a previous blog post about the attack, indicating that the FBI had linked Lazarus to the breach and that the Treasury Department had imposed sanctions on the funds.

Lazarus Has Connections with the Attack on Ronin

US authorities have previously described Lazarus as a North Korean state-sponsored hacking entity staffed by crypto experts. Its first attacks date back to 2009. It has allegedly been responsible for prominent hacks, including the 2017 WannaCry ransomware attack, the 2014 Sony Pictures breach, and a series of attacks on pharmaceutical entities in 2020.

Ronin Network is a sidechain linked to the Ethereum mainnet, created by Sky Mavis, the creators of Axie, to support faster and cheaper operations for the game. Last month the bridge suffered one of the most significant hacks to date, losing at least $625 million worth of ETH and USDC.

The Ronin attack happened on March 23, but it was not disclosed until a week later. At that time, the Ronin team halted the bridge and said it was working with various US government agencies and Chainalysis to identify all those responsible for the attack.

19% of Stolen Funds Already Laundered

Overall, the Ronin and Sky Mavis teams have made strenuous efforts to repair the damage. The creators of Axie have already raised $150 million to reimburse users who lost money in the attack. They are also offering a $1 million reward to hackers who can identify “severe” vulnerabilities in the network.

Meanwhile, the hackers have been working to liquidate the funds. As reported by Blockworks, the attackers attempted to sell around 6,500 stolen ETH in March, transferring the tokens to three different exchanges. All of the stolen USDC was moved to various DeFi wallets and protocols, Etherscan shows.

Etherscan data also shows that more than 3,000 ETH, or at least $9.9 million, was moved out of the wallet on Wednesday to another address, which then forwarded the funds in batches of transactions to various wallets. Although more than USD 400 million remains static, Elliptic determined that 19% of the stolen coins have already been laundered.

By: Jenson Nuñez
