The United States Treasury Department has linked the notorious North Korean hacking group, Lazarus, to the over $600 million stolen from blockchain gaming project, Axie Infinity last month.
On Friday, the Treasury published a new North Korean Designation update. The new list identifies the same Ethereum address (0x098B716B8Aaf21512996dC57EB0615e2383E2f96) behind the Ronin Network hack as belonging to the Lazarus Group.
Hence, the U.S. government agency indirectly recognizes that the group is behind the exploits and has now added the address to its sanctioned list. Notably, the address still holds a significant portion of the stolen funds, 147,753 ETH (appr. $444 million).
Ronin Network, an Ethereum linked sidechain powering the Axie Infinity game, lost approximately $625 million in a record-breaking exploit. The hackers stole 173,600 ETH and 25.5 million USDC by compromising private keys belonging the network validators.
The Ronin Network team explained at the time that the hack was executed using a social engineering attack. This tactic involves tricking an organization or its employees into giving away highly valuable information useful for malicious purposes.
The latest findings suggest that the Lazarus Group, allegedly run by the North Korean state, used this method to exploit the Ronin Network. The group has allegedly stolen over $2 billion from crypto exchanges in the past.
Ronin Network Hack Investigation Continues
In a fresh update acknowledging the new findings by the U.S. Federal Bureau of Investigation (FBI), the Ronin Network reiterated that investigations into the hack are still ongoing. However, the findings do not impede Ronin Network or Axie Infinity’s progress.
Sky Mavis, the Vietnam-based startup maintaining both projects, raised $150 million in an emergency funding round led by Binance. The new funds, as well as Sky Mavis’ balance sheet assets, will be used to reimburse gamers affected by the exploit, the team said at the time.
