The US Treasury Department has linked an Ethereum wallet to a North Korean hacking group for the theft of $625 million; here is all you need to know.
A rise in crypto-heists
As the popularity and use of cryptocurrencies soar, several issues are springing up around their use. One example is the numerous hacks that have led to the theft of billions of dollars in cryptocurrencies.
A month ago, Axie Infinity, a play-to-earn game, came under attack when its sidechain Ronin, which is connected to the main Ethereum blockchain, was hacked, resulting in the theft of 173,600 ETH and 25.5 million USDC. The total loss was estimated at a whopping $625 million at the time of the attack.
The FBI recently stated that it had confirmed a North Korean hacking organization called Lazarus as the leading actor behind the March 29 cryptocurrency heist of the Axie Infinity-linked Ronin Bridge. The theft has been tagged as one of the biggest crypto heists ever.
The Treasury Department added that it had banned an Ethereum address linked to Lazarus and added the address to its sanctions list on Thursday. A wallet profiler had also marked the wallet as “Ronin Bridge Exploiter.”
Before this Axie Infinity hack, the Lazarus Group had been held responsible for a 2014 hack of Sony Pictures, authorities said. The group is part of a large consortium of North Korean hackers who orchestrate cyber attacks and cyber heists worldwide. Chainalysis shared that this group stole over $400 million in cryptocurrency last year. North Korea has, however, denied all allegations linking it to these attacks and hacks.
Axie Infinity’s Ronin: The Lazarus Strike
Information on the hack was made public on March 29 by Sky Mavis, Axie Infinity’s creator, which announced that it had been hacked on March 23. Sky Mavis revealed that the hack resulted in the theft of cryptocurrency worth roughly $600 million at the time of discovery from a bridge that allows users to send crypto from one blockchain to another.
To execute the hack on the video game Axie Infinity, the hackers infiltrated part of Ronin, the underlying blockchain that powers the game. Ronin had been utilized as a sidechain to the main Ethereum blockchain to allow the developers to support faster and cheaper transactions. Elliptic, a tracing firm, estimated that 14% of the stolen funds had already been laundered by Thursday.
Financial security in the crypto-world
The Axie Infinity hack follows a series of other cryptocurrency hacks estimated at $1.3 billion this year. In January, hackers stole $120 million worth of crypto tokens from BadgerDAO, a blockchain-based DeFi platform. Several crypto wallets were emptied before the cyber attacks could be stopped. In December 2021, $80 million worth of cryptocurrency was stolen from Qubit Finance, another DeFi platform.
This string of attacks continues to raise concerns amongst cryptocurrency users, considering the sophistication of the attacks and the difficulty associated with the recovery of stolen funds.