US Treasury Ties Lazarus Group to Ronin Hack, Sanctions ETH Address

Friday, 15/04/2022 | 04:19 GMT by Arnab Shome
  • Hackers siphoned $540 million worth of cryptos (at the time of the hack) from Ronin.
  • Anyone transacting with the sanction would risk US sanctions on themselves.
crypto launder

The US Treasury Department added an Ethereum address to its sanctions list on Thursday, thus linking the Ronin Network attack to the notorious North Korean hackers, Lazarus Group.

Additionally, it is the first time the US Treasury Department has publicly linked and blacklisted a crypto wallet address to the North Korean hackers’ group. Though the official announcement did not name Ronin, several blockchain analytics firms confirmed the ties of the sanctioned address to the attack.

One of the Largest Crypto Heist

Ronin Network, which is the blockchain used by the players of Axie Infinity, was compromised in the last week of March which resulted in the theft of 173,600 Ether (ETH) and 25.5 million USD Coins, then valued at around $540 million. The fiat value of these stolen cryptocurrencies jumped over the next few days with an upward market rally, making it the largest crypto heist to date.

Blockchain analytics firm, Elliptic estimated that the hackers already managed to launder around 14 percent of the stolen funds from Ronin.

But now, after the sanctions, anyone in the digital currency space would be risking US sanctions for making transactions with the sanctioned wallet address.

“Identification of the wallet will make clear to other VC actors, that by transacting with it, they risk exposure to US sanctions,” a US Treasury Department spokesperson said. “This demonstrates Treasury’s commitment to using all available authorities to disrupt malicious cyber actors and block ill-gotten criminal proceeds.”

Meanwhile, the developers are still working on enhancing the security of the Ronin Bridge before redeploying it following the attack. The Vietnamese gaming studio behind the Axie Infinity game has also raised $150 million to compensate the victims of the attack.

“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk,” a Ronin Network blog post noted, adding that it is aiming to deploy the bridge by the end of this month.

The US Treasury Department added an Ethereum address to its sanctions list on Thursday, thus linking the Ronin Network attack to the notorious North Korean hackers, Lazarus Group.

Additionally, it is the first time the US Treasury Department has publicly linked and blacklisted a crypto wallet address to the North Korean hackers’ group. Though the official announcement did not name Ronin, several blockchain analytics firms confirmed the ties of the sanctioned address to the attack.

One of the Largest Crypto Heist

Ronin Network, which is the blockchain used by the players of Axie Infinity, was compromised in the last week of March which resulted in the theft of 173,600 Ether (ETH) and 25.5 million USD Coins, then valued at around $540 million. The fiat value of these stolen cryptocurrencies jumped over the next few days with an upward market rally, making it the largest crypto heist to date.

Blockchain analytics firm, Elliptic estimated that the hackers already managed to launder around 14 percent of the stolen funds from Ronin.

But now, after the sanctions, anyone in the digital currency space would be risking US sanctions for making transactions with the sanctioned wallet address.

“Identification of the wallet will make clear to other VC actors, that by transacting with it, they risk exposure to US sanctions,” a US Treasury Department spokesperson said. “This demonstrates Treasury’s commitment to using all available authorities to disrupt malicious cyber actors and block ill-gotten criminal proceeds.”

Meanwhile, the developers are still working on enhancing the security of the Ronin Bridge before redeploying it following the attack. The Vietnamese gaming studio behind the Axie Infinity game has also raised $150 million to compensate the victims of the attack.

“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk,” a Ronin Network blog post noted, adding that it is aiming to deploy the bridge by the end of this month.

About the Author: Arnab Shome
Arnab Shome
  • 6370 Articles
  • 80 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6370 Articles
  • 80 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}