The Ministry of Finance’s Office of Foreign Assets Control (OFAC) has authorized the address where the cryptocurrency was stolen as a result of the largest cryptocurrency hack in history – the hacking of Axie Infinity’s Ronin network bridge.
The Federal Bureau of Investigation (FBI) said that Ronin was hacked last month by two North Korean hacker groups, Lazarus and BlueNorOff (also known as APT38).
“Through our investigation, we were able to confirm that Lazarus Group and APT38, the cyber assets associated with the DPRK, were responsible for the $620 million Ethereum theft reported on March 29,” the FBI said. Said. “The FBI, in coordination with the Department of the Treasury and other US government partners, will continue to expose and combat DPRK’s illegal activities, including cybercrime and cryptocurrency theft, to generate revenue for the regime.”
Chainalysis blockchain data platform discovered that the new ETH address, first added to the SDN list by OFAC as part of the Lazarus Group update, was also used to collect the ETH and USDC tokens that were stolen when Ronin was hacked.
Ronin is an Ethereum sidechain developed by Sky Mavis to provide transactions for the Axie Infinity game, which acts as a bridge for the transfer of ERC-20 tokens between the Ronin and Ethereum blockchains.
On March 29, Sky Mavis reported that the Ronin Bridge was breached, stealing 173,600 Ethereum tokens and 25.5 million USDC tokens in two transactions. [1 та 2] worth more than $617 million. Sky Mavis also released an update revealing the attack in its first blog post, saying the FBI now blames the North Korean-backed Lazarus Group for the attack. Source