North Korean Hackers Linked To Axie Infinity Hack

Axie Infinity has been making headlines after suffering one of the biggest hacks in crypto history.

While the hack undoubtedly dented Axie's reputation, the platform isn't out just yet. Efforts are underway to remediate the effects and bring the criminals to justice.

The Lazarus Group Is At It Again

On April 14, government officials announced they had some possible leads on the identity of those behind the hack on Axie Infinity. In an announcement, the Office of Foreign Assets Control (OFAC) - an arm of the U.S. Treasury Department - confirmed sanctions against an Ethereum wallet believed to belong to the Lazarus Group - a hacking organization with links to the North Korean government.

Chainalysis and Elliptic, two of the foremost blockchain forensics companies, have confirmed that the wallet address sanctioned by OFAC is identical to the one used in the attack on Axie Infinity's Ronin bridge, where hackers managed to steal about $625 million in late March.

The Lazarus Group is one of the most infamous hacking organizations on the planet. Most notable among its operations are the widely known WannaCry ransomware and a massive hack on Sony Entertainment in 2014.

The Lazarus Group's Sony hack captured terabytes of data from Sony's servers, deleting original pieces and threatening to release the information if Sony released The Interview - a parody chronicling life in North Korea featuring actors Seth Rogen and James Franco.

Because the hack had a specific stipulation (not to release a movie mocking Kim Jong-Un), the Lazarus Group was immediately linked to Pyongyang. The group has since focused on financial crime, stealing billions of dollars suspected to go toward the North Korean nuclear weapons program.

When sanctions were announced, the wallet in question held 148,000 ETH tokens.

Blocking Channels For Laundering

As part of the sanctions, U.S. individuals and companies would be prohibited from doing business or conducting transactions with the identified ETH account. In turn, the Lazarus Group would be unable to cash out their ill-gotten gains from any U.S.-based crypto exchange.

Despite the massive funds held by the wallet, Elliptic estimates that 14 percent of the stolen Axie funds have already been laundered, and another $9.7 million could already be in intermediary wallets awaiting laundering.

"Many commentators believe that crypto assets stolen by Lazarus Group are used to fund the state's nuclear and ballistic missile programs. With recent reports that North Korea may be again preparing for nuclear testing, today's sanctions activity highlights the importance of ensuring that Lazarus Group is not able to successfully launder the proceeds of these attacks," Elliptic explained.

Sky Mavis Isn't Out Yet

According to updates, the operators of the hacked Ronin Bridge will be offering a post-mortem of the crypto theft. The bridge allows users to transfer funds to and from Axie Infinity and other blockchains and is expected to relaunch following the addition of more robust security measures.

Despite the hack, Axie Infinity continues to maintain operations. Sky Mavis, the game's developer, has since raised $150 million in capital from Binance and other investors to help compensate hack victims and relaunch the Ronin Bridge. The company has also released Axie Infinity: Origin - a new game that it hopes will help grow player numbers.

Sky Mavis said they remain resolute in their mission to disrupt blockchain gaming entirely. Hacks continue to underscore the importance of security to the crypto space.

