Crypto Lists has received confirmation of the United States linking hackers backed by North Korea to an enormous crypto heist of $615 million from gamers of the popular online game Axie Infinity.
Axie Infinity is a play-to-earn game: players earn crypto rewards (in AXS) by playing or by trading their avatars.
The hack occurred in March, and investigations were underway with the help of authorities and the game’s hosting platform. It is believed to be among the largest heists ever in the crypto world. It targeted the blockchain project Ronin and led to doubts over the security of the cryptocurrency industry. The Ronin network lets its users transfer digital currency in and out of the game. Some believe that the industry emerged into the mainstream by relying significantly on promotions by celebrities and promises of untold wealth.
The Treasury Department’s Office of Foreign Assets Control (OFAC) red-flagged the address that received the stolen crypto from the Ronin network. It has gone ahead to sanction the address of the hackers. In addition, the Federal Bureau of Investigation (FBI) highlighted that two North Korean hacking groups are responsible for the Ronin hack: the Lazarus group and BlueNoroff (aka APT38). United States officials believe that North Korea’s primary intelligence bureau controls and maintains the Lazarus group.
The FBI released a statement highlighting that, through their investigations, they confirm that the Lazarus group and APT38 cyber actors are responsible for the heist of over 600 million dollars in Ethereum reported on March 29th. The cyber actors are associated with the DPRK.
The Lazarus group came into the spotlight in 2014 after accusations of hacking into Sony Pictures Entertainment in vengeance for the film The Interview, which mocked the North Korean leader, Kim Jong Un. The group has also been involved in WannaCry ransomware attacks and the hacking of international customer bank accounts.
The bureau further stated that it will continue to coordinate with the Treasury and other United States government partners to expose and fight the DPRK’s use of illicit activities. A Treasury Department spokesperson was reported as saying that these include cybercrime and crypto theft that go on to generate revenue for its weapons of mass destruction and ballistic missile programs. These illicit activities are a means for the regime to evade United States and United Nations sanctions.
A 2020 military report indicates that North Korea’s hacking programme has grown from its initial days in the mid-1990s to a 6,000-strong cyber warfare unit. The unit is known as Bureau 121 and operates in several countries including China, Russia, India, Malaysia, and Belarus.
The Office of Foreign Assets Control (OFAC) recently added a new ETH address to the SDN list as part of the Lazarus group. The same address is linked to the Ronin hack in March and collected the stolen ETH and USDC tokens. Ronin acted as a link for transferring ERC-20 tokens between the Ethereum blockchain and Ronin. It enabled Axie Infinity gamers to transact, as Ronin is a sidechain for Ethereum.
On March 29, Ronin was hacked, and 173,600 ETH and 25.5 million USDC tokens were stolen. The developers of Ronin, Sky Mavis, indicated that the hackers exploited a weakness that compromised the chain’s security. Sky Mavis said that it previously used the Ethereum blockchain, where transactions were slow and expensive. It therefore developed an in-game currency and the sidechain Ronin, which links to the Ethereum blockchain. This led to faster and more affordable, but less secure, transactions.
Sky Mavis updated its disclosure of the attack, confirming that the FBI attributes the Ronin validator security attack to the North Korean Lazarus group. The firm also confirmed that the Treasury has sanctioned the address that collected the stolen funds.
What next for the North Korean hackers?
According to Chainalysis, a blockchain analysis company, the North Korean hackers are responsible for heists of over $400 million in digital currency in at least seven attacks on crypto platforms in 2021. The year proved to be one of the most successful for cybercrime in the Asian state.
Crypto Lists has learnt that the US is pushing for the UN council to blacklist the Lazarus group and freeze its assets.