The US Treasury Department has linked the renowned North Korean hacking outfit Lazarus to the theft of nearly $600 million from blockchain game business Axie Infinity last month.
The Treasury Department issued a new North Korean Designation update on Friday. The new list names the same Ethereum address (0x098B716B8Aaf21512996dC57EB0615e2383E2f96) as belonging to the Lazarus Group as being behind the Ronin Network breach.
As a result, the US government agency has indirectly acknowledged that the gang is behind the exploit and has added the address to its sanctioned list. Notably, the address still contains a sizable percentage of the stolen assets, totaling 147,753 ETH (about $444 million).
In a record-breaking hack, Ronin Network, an Ethereum-linked sidechain that powers the Axie Infinity game, lost around $625 million. By stealing the network validators’ secret keys, the hackers stole 173,600 ETH and 25.5 million USDC.
At the time, the Ronin Network team explained that the hack was carried out through a social engineering attack. This strategy entails duping an organization or an employee into disclosing highly valuable information that can be used for harmful reasons.
According to the latest findings, the Lazarus Group, which is reportedly run by the North Korean state, employed this strategy to abuse the Ronin Network. In the past, the organization is accused of stealing nearly $2 billion from cryptocurrency exchanges.
The Ronin Network reaffirmed that investigations into the incident are still underway in a new update noting the latest findings by the US Federal Bureau of Investigation (FBI). The findings, however, have no bearing on Ronin Network or Axie Infinity’s advancement.
Sky Mavis, a Vietnam-based business that manages both projects, raised $150 million in an emergency fundraising round headed by Binance. The extra cash, as well as Sky Mavis’ balance sheet assets, will be utilized to compensate gamers affected by the exploit, according to the team at the time.