The Lazarus hacking group in North Korea has been linked with the crypto industry’s largest-ever hack according to the U.S. Treasury and blockchain analytics firm Chainalysis.
The U.S. Treasury and FBI have been working together to unravel the perpetrators behind the Ronin bridge hack that resulted in the theft of more than $615 million in cryptocurrency in late March.
The FBI stated that an investigation had determined that the Lazarus Group and APT38 hacking organizations were behind the heist. The bureau added that these crimes generate lucrative revenue for the North Korean regime, according to Bloomberg
The attackers used the Tornado CashEthereum transaction anonymizing service to obfuscate their tracks, shifting as much as 28,000 ETH through the mixer.
Lazarus Group gained notoriety in 2014 when it was accused of hacking Sony Pictures Entertainment. The incursion was in response to a satirical movie called “The Interview” that mocked North Korean leader Kim Jong Un.
Chainalysis dives into North Korea connection
Blockchain analytics firm Chainalysis confirmed the North Korean connection in a tweet on April 14.
THREAD: Updates to OFAC’s SDN designation for Lazarus Group confirm that the North Korean cybercriminal group was behind the March hack of Ronin Bridge, in which over $600 million worth of ETH and USDC was stolen.
— Chainalysis (@chainalysis) April 14, 2022
The U.S. Office of Foreign Assets Control (OFAC) added an associated Ethereum wallet address tied to the group to its sanction list on April 14.
Chainalysis reported:
“That address was involved in the Ronin hack, having received 173,600 ETH and 25.5 million USDC from the Ronin Bridge smart contract during the attack.”
reported that in the first three months of 2022, malicious actors and hackers have stolen $1.3 billion worth of crypto from exchanges, platforms, and private entities, the majority of which are associated with
Yield’s Rekt Database lists the Ronin hack as the largest ever for the crypto industry in which $615 million was lost. It reports a total of $4.5 billion being lost to , hacks, and exploits since 2012.
Recovery chances slim
Ronin, which provides a bridge to exchange assets into the NFT Metaverse game Axie Infinity, updated its own website on April 14 with the latest developments.
“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk. Expect the bridge to be deployed by end of month.”
Earlier this month, Axie Infinity developer Sky Mavis said that it was ready to play the “long game” as recovering the funds could take years.
However, if the ill-gotten gains have made their way into the North Korean regime then recovery chances are slim at best.
