Recent investigations have revealed that North Korea’s Lazarus group is responsible for the Ronin Validator Hack on Axie Infinity.
US Treasury Identifies Hacker Wallet
The United States Treasury Department believes that the North Korean hacking group Lazarus is behind the massive crypto theft from Axie Infinity’s Ronin bridge. The government body has recently imposed sanctions on an Ethereum address, which it believes belongs to the Lazarus group. A government spokesperson has addressed the queries about the investigation, which was conducted in collaboration with the FBI. They said,
"Identification of the wallet will make clear to other VC actors, that by transacting with it, they risk exposure to US sanctions…There may be mandatory secondary sanctions requirements on persons who knowingly, directly or indirectly, engage in money laundering, the counterfeiting of goods or currency, bulk cash smuggling, or narcotics trafficking that supports the Government of North Korea or any senior official or person acting for or on behalf of that Government."
Multiple sources, like crypto news firm CoinDesk, crypto analytics company Chainalysis, and wallet profiler Nansen, have investigated and confirmed the connection between the sanctioned wallet and the Ronin attack. Crypto and financial tracing firm Elliptic studied the funds lost in the hack and concluded that 14% of them have already been laundered successfully.
Ronin Focuses On Security Measures
Commenting on the discovery, Ronin Network updated its community via a newsletter on Substack,
“Today, the FBI attributed North Korea-based Lazarus Group to the Ronin Validator Security Breach…We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk. Expect the bridge to be deployed by end of month. Security comes first. The timeline is subject to change based on the implementation time of several security measures.”
The news of the hack first broke towards the end of last month, when the Ronin Network Twitter handle announced that the Ronin Sidechain had been exploited, resulting in the loss of 173,600 ETH and 25.5M USDC, or roughly $625 million based on current prices. Thankfully, the team got support from the community when crypto giant Binance and other investors led a $150 million funding round to reimburse the users affected by the hack. Sky Mavis, the parent company behind Axie Infinity, had already had to dip into its balance sheet to gather sufficient funds for reimbursement. Sky Mavis COO Aleksander Leonard Larsen acknowledged that the process of recovering the funds could be a lengthy one. However, the team has decided to go forward with it, hoping to gain more information about the hack in the meantime.