Lazarus is one of the most prolific hacker organisations linked to North Korea, having targeted crypto entities since 2017
On April 14, US law enforcement issued fresh sanctions against an Ethereum wallet belonging to the Lazarus Group, an online crime ring linked to the North Korean government and suspected to be behind the $540 million hack of the online game Axie Infinity last month.
Despite knowing the wallet address associated with the attack since the day it occurred, the Treasury Department's Office of Foreign Assets Control (OFAC) only tied it to Lazarus on Thursday, April 14, adding it to OFAC's Specially Designated Nationals List and sanctioning the funds.
Elliptic and Chainalysis, leading blockchain analysis firms, have verified that the wallet address designated by the US Treasury is the same as the one used in the Ronin hack.
Chainalysis tweeted that the updates to OFAC’s SDN designation for Lazarus Group confirm that the North Korean cybercriminal group was behind the March hack of Ronin Bridge, in which over $600 million worth of ETH and USDC was stolen. According to Elliptic's internal analysis, the attacker has been able to launder 18 percent of their stolen assets as of April 14.
According to the DeFiYield REKT database, the hack, which fetched the attackers 173,600 ether (about $597 million) and $25.5 million worth of the stablecoin USDC, is the largest DeFi hack to date.