North Korean Hacking Group Lazarus Allegedly Behind $620M Ronin Hack

north korean hackers ronin

Lazarus, a North Korean hacking group is allegedly behind the $622 million hack of Ronin —an Ethereum sidechain used by the popular NFT (Non-Fungible token) game Axie Infinity.

Lazarus Group Behind Largest Theft in Defi History

In late March, Sky Mavis —the studio behind Axie Infinity— saw its Ronin bridge smart contract exploited by hundreds of millions of dollars, after the attackers managed to breach the security of the Ethereum sidechain. 

Today, the US Treasury Department added a new ETH address to its list of sanctions for the Lazarus group. The FBI linked this address to the Ronin bridge exploit that occurred in late March, having received 173,600 ETH and 25.5 million USDC during the exploit. This is the same address that Sky Mavis founder flagged as the attacker shortly after the attack.

The studio has acknowledged the connection in a recent update to its original community alert post, and that they’re working on additional security layers to protect its users.

We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk. Expect the bridge to be deployed by end of month

Elliptic and Chainalysis, two major blockchain analytics firms, have reaffirmed that the address belongs to the North Korean group. Both firms have been monitoring stolen funds since the attack took place.

According to data from Elliptic, Lazarus has managed to launder 18% of the stolen funds to date through decentralized exchanges (DEXs), firstly by swapping the stolen USDC for ETH.

However, the hackers laundered $16.7 million worth of ETH through three centralized exchanges, allowing the exchanges to work with law enforcement to track their identity due to AML and KYC procedures. Lazarus then decided to switch to Tornado Cash (TORN) —a privacy-focused protocol that mixes transactions to make them difficult to trace.

Sky Mavis has said that they will continue to work with security firms and law enforcement agencies, hoping to recover the stolen funds in the next two years. In a previous update, the studio announced they would reimburse all affected users by combining Sky Mavis and Axie balance sheet funds with a $150 million funding round led by Binance, with participation from several crypto investment firms. 

Withdrawals of Wrapped Ether (wETH) and convert function from wETH to ETH remain closed, the studio said, but withdrawals for Axie Infinity Shards (AXS) and Smooth Love Potion (SLP) have been resumed. 

NEWSLETTER

Newsletter (Sidebar)

  • Hidden
  • This field is for validation purposes and should be left unchanged.

RELATED ARTICLES

pancake swap

PancakeSwap: Your Recipe to a Sweet Life of CAKE Farming 

PancakeSwap: Your Recipe to a Sweet Life of CAKE Farming  PancakeSwap is the world’s third most popular…

Read More
sec

Could Crypto Regulation Actually Shift from the SEC to CFTC?

Cryptocurrency regulation has been a matter of discussion in the United States for a while now, and…

Read More
Uniswap

Uniswap Set To Dominate NFTs After the DEX Market

In the three years since its launch, Uniswap has amassed not only a huge user base but…

Read More

NEXT ARTICLE

Getting Started Gold Bars.

NEXT ARTICLE

Could Crypto Regulation Actually Shift from the SEC to CFTC?

Cryptocurrency regulation has been a matter of discussion in the United States for a while now, and it appears to be that the same might be coming to an end soon. At the same time, cryptocurrency regulation could also witness a dynamic power shift from the Securities & Exchange Commission (SEC) to the Commodities and…

ABOUT THE AUTHOR

Getting Started Gold Bars.

ABOUT THE AUTHOR

José is a copywriter and journalist with over 4 years of experience in the crypto field. He started his career in 2017 amid the Bitcoin and the cryptocurrency boom, and he hasn’t turned his back on the industry since then.