The US Treasury Department has concluded and claims that the North Korean hacking group Lazarus is linked to the Ronin Bridge exploit, which was worth more than $600 million to the makers of Axie Infinity.
How they discovered that
On Thursday, the Treasury added a specific Ethereum wallet address to its sanctions. This came after Nansen flagged the address as one of the attackers within the Ronin Bridge exploit.
Shortly after, Chainanalysis tweeted that this address “was involved in the Ronin hack after receiving 173,600 ETH and 25.5 million USDC from the Ronin Bridge smart contract during the attack.”
Finally, Ronin Network added to his blog to confirm the scenario. They said, “Today the FBI has attributed the North Korea-based Lazarus Group to the Ronin Validator Security Breach.”
Ronin also mentioned that a full post-mortem will take place at a later date.
Details of the Ronin Bridge exploit
Recently, Ronin’s Bridge platform was hacked for a total of around $625 million. Immediately, no one had any idea who was responsible for the hack. But now it has been claimed that the Lazarus group was responsible.
Since the hack, Sky Mavis, creator of top play-to-earn game Axie Infinity, has paid back $450 million out of pocket to users who lost their money. The company which was worth around $3 billion at its peak in Q3/Q4 of last year.
The fact that there has been an official government response is a good step forward in the process of resolving the case. Now we are unsure what will happen in the future.
The Lazarus Group is notorious for its hacks and its ties to the North Korean state. The FBI has described the group as a “state-sponsored hacking organization of North Korea.” In the past, they have been reported to have hacked Sony images, Bangladeshi banks, and various other cryptocurrency attacks. Now the Ronin Bridge exploit is just her next.