In brief

  • The U.S. Treasury added an Ethereum wallet address to its sanctions list today, tying it to North Korea’s Lazarus Group.
  • It’s the same address tied to last month’s $622 million attack of Axie Infinity’s Ronin Network.

North Korean hacking group Lazarus is allegedly responsible for last month’s $622 million hack of Ronin Network, an Ethereum sidechain used by play-to-earn crypto game, Axie Infinity.

The connection was revealed today when the United States Department of the Treasury announced that it added a new Ethereum wallet address to its list of sanctions for the Lazarus Group. It’s the same wallet address that Axie Infinity creator Sky Mavis named as the Ronin attacker in late March.

CoinDesk first reported the news. A look at Ethereum wallet explorer Etherscan shows the label “Ronin Bridge Exploiter” for the wallet.

Sky Mavis has since acknowledged the connection in an update to its original post about the Ronin exploit. Blockchain analytics firms Chainalysis and Elliptic have similarly affirmed that the wallet address listed by the U.S. Treasury today is the same used in the Ronin exploit.

The FBI has labeled Lazarus as a “state-sponsored hacking organization,” and its earliest attacks date back to 2009. Lazarus is allegedly responsible for the 2017 WannaCry ransomware attack, 2014’s breach of Sony Pictures, and a series of attacks on pharmaceutical companies in 2020.

“It is somewhat unsurprising that this attack has been attributed to North Korea,” Elliptic wrote in a blog post. “Many features of the attack mirrored the method used by…

Source link

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed