The US Treasury Department on Thursday added a new Ethereum address to its sanctions list and linked it to North Korean hackers known as the Lazarus Group. Blockchain researchers said the address was likely the source of the March hack of Ronin Bridge, a blockchain network connected to the popular gambling game to win Axie Infinity, where more than $600 million worth of cryptocurrencies were stolen.
The address received 173,600 ETHUSD and 25.5 million mined from the Ronin attack, according to multiple blockchain analytics providers. Ronin Network provides a bridge that enables the transfer of tokens between Ethereum and Axie Infinity.
Known for its alleged hacking of Sony Pictures and the WannaCry ransomware attack, Lazarus Group and other North Korean hackers launched at least seven attacks in total in 2021 on crypto platforms, leveraging nearly $400 million in funds , according to crypto compliance firm Chainalysis.
A Treasury Department official did not immediately respond to a request for comment.
“North Korea is, in many ways, cut off from the global financial system by a long sanctions campaign led by the United States and its foreign partners,” wrote Ari Redbord, head of legal and government affairs at the company. TRM Labs crypto risk management in an email to CNET. As a result, the nation launched cryptocurrency hacks that amounted to “essentially bank robbery” to fund weapons programs, nuclear proliferation and other activities, according to Redbord.
In the Ronin hack, all the evidence pointed to the attack being socially engineered, rather than carried out by exploiting a technical flaw, according to a March 30 blog post from Ronin Network. Ronin is secured by nine validator nodes, while five were hacked into attacking the network, according to the post.
Laundering stolen funds
The Lazarus Group has become increasingly sophisticated in laundering stolen funds, often using multiple mixing services and other obfuscation techniques, according to TRM’s Redbord. However, as attackers “don’t care about being caught in the end”, they usually focus on quickly transferring funds before they are frozen, instead of engaging in time-consuming and costly obfuscation techniques. , Redbord said.
The Ronin hack followed the same pattern. By Thursday, hackers had laundered 18% of stolen funds, according to blockchain analytics provider Elliptic.
They first exchanged the USDC stablecoin for ether through decentralized exchanges, as stablecoin issuers could freeze the tokens in illicit activities in some cases, according to Elliptic. Meanwhile, they opted to operate through decentralized exchanges to circumvent anti-money laundering and so-called “know your customer” measures implemented by most centralized crypto exchanges.
However, hackers also attempted to launder nearly $17 million worth of ether through three centralized exchanges, an uncommon practice, Elliptic said. After the exchanges announced they would be working with law enforcement, the attacker switched to Tornado Cash, a decentralized protocol that allows users to make private transactions, having sent 80, $3 million worth of ether to the mixing service, according to Elliptic.
There is approximately $433 million left in the striker’s original wallet, Elliptic noted.
Ether is trading at around $3,030.5, up 1.4% in the past 24 hours, according to data from CoinDesk.
We wish to give thanks to the writer of this article for this awesome material
Researchers Claim North Korean Hacking Group Stole $600M Worth Of Crypto In Axie Infinity Hack – CNET – ApparelGeek
You can find our social media profiles as well as the other related pageshttps://metfabtech.com/related-pages/