$600 Million Crypto Hack Linked to North Korean Group, Lazarus

As per the U.S. Treasury Department, the United States has linked the recent theft of hundreds of millions of dollars worth of crypto to North Korean hackers. The recent theft resulted in about $600 million being stolen from players involved with the popular online game Axie Infinity.

According to Ronin, a blockchain network that allows users to transfer crypto to and from the game, the digital cash was stolen last March 23 amounted to roughly $615 million.

While the crime currently has no real suspect, the US Treasury identified a digital currency address used by hackers under the control of a North Korean hacking group known as Lazarus.

“The United States is aware that the DPRK has increasingly relied on illicit activities — including cybercrime — to generate revenue for its weapons of mass destruction and ballistic missile programs as it tries to evade robust U.S. and U.N. sanctions,” a Treasury Department spokesperson said, using the initials of North Korea’s official name.

Blockchain analytics firms including Chainalysis and Elliptic confirm North Korea’s involvement with the break-in.

The treasury’s spokesperson warns those transacting with the wallet about the potential risk of exposure to U.S. sanctions.

Aleksander Larsen, the co-founder of Sky Mavis, the creators of Axie Infinity, declined to comment. CrowdStrike, the company hired by Sky Mavis to investigate the breach, also declined to comment.

In an official post on Ronin’s blog, the network stated that the FBI attributed the hack to the Lazarus Group and that the U.S. Treasury Department has sanctioned the address that received the stolen funds.

The US stated that the Lazarus hacking group is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau. The group has been accused of being involved with the “WannaCry” ransomware attacks, hacking of international banks and customer accounts, and the 2014 cyberattacks on Sony Pictures Entertainment.

“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk,” the Ronin blog said. “Expect the bridge to be deployed by end of [the] month.”

With the $600 million loss, the hack on Ronin is now one of the largest cryptocurrency heists on record.

Source: NBC News, Business Standard