The US Treasury Department announced on Thursday that it had linked North Korean hackers to the loss of hundreds of millions of dollars in cryptocurrencies linked to the popular online game Axie Infinity.
On March 23, digital currency worth about $615 million was stolen, according to Ronin, a blockchain network that allows users to transfer crypto in and out of the game. No one has claimed responsibility for the hack, but the US Treasury announced on Thursday that a digital currency address used by the hackers was under the control of a North Korean hacking gang known as Lazarus.
“As it tries to evade robust US and UN sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programmes,” a Treasury Department spokesperson said, using the initials of North Korea’s official name. The wallet’s users risk being sanctioned by the US, according to the representative.
The classification confirmed that North Korea was behind the break-in, according to blockchain analytics firms Chainalysis and Elliptic. North Korean hackers have been the subject of the cybersecurity firm’s research for the past few weeks, according to a source familiar with the situation. Sky Mavis engaged CrowdStrike to investigate the incident, but the firm refuses to comment. Sky Mavis co-founder Aleksander Larsen, who creates Axie Infinity, declined to comment.
The FBI has ascribed the attack to the Lazarus Group, according to a post on the official Ronin blog, and the US Treasury Department has sanctioned the address that received the stolen monies. The Reconnaissance General Bureau, North Korea’s primary intelligence bureau, is said to be in charge of the Lazarus hacking squad, according to the US. It has been accused of being involved in the “WannaCry” ransomware attacks, hacking of multinational banks and customer accounts, and the Sony Pictures Entertainment cyber-attacks in 2014.
According to a draught resolution acquired by Reuters on Wednesday, the US is seeking the United Nations Security Council to blacklist the Lazarus Group and freeze its assets. Cryptocurrency systems have long been plagued by hacks. The Ronin hack was one of the most significant cryptocurrency thefts ever. Sky Mavis stated it will refund the money lost using a combination of its own balance sheet capital and $150 million received from investors including Binance.
According to the Ronin blog, “we are still in the process of integrating additional security measures before redeploying the Ronin Bridge to reduce future risk.” “By the end of the month, the bridge should be operational.” A Treasury official said that Washington plans to publish crypto cybersecurity rules to aid in the fight against cybercrime.
