US links North Korea’s Lazarus group to $625m crypto theft from Ronin

Leigh Mc Gowran on April 15, 2022 at 07:12, Silicon Republic


The massive hack in which roughly $625m worth of cryptocurrency was stolen from gaming-focused blockchain network Ronin has been linked to a North Korean hacker group called Lazarus, according to the US Treasury Department and Ronin.

Yesterday (14 April), the Treasury Department identified the digital currency address used by the hackers as being under the control of the notorious hacker group.

Crypto analysis firm Chainalysis said on Twitter that the address was “involved in the Ronin hack”. Chainalysis previously said it was tracking the stolen funds on Ronin’s behalf.

Ronin, which is used for the NFT-based game Axie Infinity, said on its Substack that the FBI attributed the security breach to the Lazarus group.

A treasury spokesperson told Reuters the North Korean government has become reliant on “illicit activities” such as cybercrime to try to evade US and UN sanctions while it generates revenue for its ballistic missile programmes.

The Lazarus group was blamed for the notorious WannaCry cyberattack in 2017, which was unprecedented in scale at the time and wreaked havoc around the globe. This group is also believed to be behind the infamous hack of Sony Pictures Entertainment in 2014.

‘The largest-ever DeFi exploit’ went unnoticed for a week

On 29 March, Ronin said 173,600 Ethereum and 25.5m USDC – a stablecoin linked to the US dollar – were drained in two transactions. Chainalysis said on Twitter that the hack was worth more than $625m, which would make it “the largest-ever DeFi exploit” recorded.

Ronin did not notice the breach until a week later, on 29 March, when a user reported they could not withdraw 5,000 Ethereum from the blockchain network’s bridge.

The blockchain network said validator nodes for Sky Mavis – the operator of Ronin and Axie Infinity – and Axie DAO validator nodes were compromised on 23 March.

Last week, Sky Mavis announced a $150m funding round led by Binance. Ronin said this investment will be used along with Sky Mavis and Axie’s current balance sheet funds to reimburse users affected by the crypto theft.

Even though security is often seen as one of the major benefits of blockchain, cyberattacks are becoming more sophisticated all the time, with major hacks occurring over the last year.

One of the world’s largest cryptocurrency trading platforms by volume, Bitmart, was targeted last December by unidentified hackers, which led to an estimated $196m worth of assets being stolen.

Last August, a major hack on decentralised finance platform Poly Network saw more than $600m in cryptocurrency stolen by exploiting a vulnerability in its system – one of the largest crypto thefts in history.
