Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward

Now we know who’s behind one of the largest crypto heists in history: North Korea

April 15, 2022, 9:20 PM UTC

In late March hackers breached the blockchain behind the popular “play to earn” game Axie Infinity, making off with $615 million in cryptocurrency.

The hack represents the largest decentralized finance hack in history, and the second-largest crypto hack of all time, according to data from the DeFiYield REKT database and Elliptic.

For weeks the identity of the hackers remained a mystery. But on Thursday the U.S. Treasury Department linked the North Korean state-backed group Lazarus to the hack, adding its Ethereum address to a growing sanctions list.

The sanctions block U.S. companies from transacting with Lazarus’ address, with the goal of preventing the hackers from laundering funds through U.S.-based cryptocurrency exchanges. Still, the blockchain analysis firm Elliptic estimates that roughly 18% of the cryptocurrency stolen in the Axie Infinity hack was already laundered as of Thursday.

Lazarus first gained notoriety when it hacked Sony Pictures in 2015, stealing personal data from thousands of employees. In 2017 the group was responsible for the WannaCry cyberattack that infected more than 300,000 computers worldwide, encrypting files and instructing owners to pay a ransom in Bitcoin in order to return access.

North Korean state-backed hackers including Lazarus launched at least seven attacks on cryptocurrency platforms last year alone, stealing nearly $400 million worth of digital assets, according to the crypto forensics firm Chainalysis. The North Korean government has increasingly turned to cybercrime to generate revenue amid strict sanctions from the West, a Treasury Department spokesperson told The Wall Street Journal on Thursday.

The Ronin network, the Ethereum-linked blockchain that powers Axie Infinity, updated a blog post this week explaining that the FBI had tracked down those responsible for the security breach. The network is making changes to its security measures to prevent further attacks, it added.

“We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk. … Security comes first,” the network wrote. “We would like to extend a thank you to all law enforcement agencies who have supported us in this ongoing investigation.”

Since its launch in 2018, Axie Infinity has quickly become one of the most popular “play-to-earn” games worldwide and is even seen as an economic lifeline for millions of users across Southeast Asia.

The game, developed by the Vietnamese firm Sky Mavis, allows players to collect NFTs and battle each other for in-game currency that can then be converted to real money.

Never miss a story: Follow your favorite topics and authors to get a personalized email with the journalism that matters most to you.