US Treasury and Chainalysis Unmask $600 Million Ronin Hackers – Lazarus
Welcome back to the Tribe! In this post we dive into an update on the Ronin Hackers!
Nothing should be considered investment or financial advice. Enjoy the ride!
Lazarus, a North Korea-based cybercrime and anonymous hacker organization, has been linked to the biggest exploit in decentralized finance (DeFi) history – the $600 million hack on the Ronin Sidechain protocol.
U.S. authorities and blockchain security outfit Chainalysis have both published reports saying that the notorious group is linked with the attack. Following the news, crypto proponents surmised that chances of recovery are slim and that funds could be lost forever.
North Korean Cyber Terror Group Responsible for Ronin Hack
According to a thread published by on-chain security and research firm Chainalysis on Thursday (April 14, 2022), the recent hack on Ronin’s bridge protocol worth around $600 million was carried out by the notorious cybercriminal group Lazarus.
At the end of March 2022, SanFransiscoTribe reported that an unknown hacker had leveraged stolen validator keys to trigger a false deposit and withdrawal event on Ronin, a sidechain protocol operated by Sky Mavis and popular for powering the famous NFT game Axie Infinity.
After using the private keys, the hacker drained the bridge protocol on Ronin of an estimated $600 million. The large haul was reportedly made up of digital currencies including 173,600 Ether (ETH) and 25.5 million of Circle’s USDC stablecoin token.
Since then, the funds have been moved around several times through the mixer solution known as Tornado Cash. Mixers are used to obscure the source of funds in order to safely transfer assets to fiat off-ramp services.
Updates On Sanctions
Citing an update to a U.S. Treasury sanctions list featuring illicit activities linked with North Korea, Chainalysis said:
“Updates to OFAC’s SDN designation for Lazarus Group confirm that the North Korean cybercriminal group was behind the March hack of Ronin Bridge, in which over $600 million worth of ETH and USDC was stolen.”
The cyber security company went on to highlight that the address in question received the exact amount of digital assets declared missing by the Ronin team following the incident.
That address was involved in the Ronin hack, having received 173,600 ETH and 25.5 million USDC from the Ronin Bridge smart contract during the attack.
— Chainalysis (@chainalysis) April 14, 2022
Moving forward, it remains unclear whether the stolen funds can be recovered. Some voices in the crypto space have claimed that assets taken by the Lazarus group are not easy to recover.
Chainalysis said that although the incident is unfortunate, the hack re-emphasized key areas that must receive special focus in order to ensure that exploits of this nature and magnitude do not happen in the future.
“The attribution of the Ronin hack to Lazarus Group underlines two industry needs Chainalysis has highlighted previously: Understanding of how DPRK-affiliated threat actors exploit crypto, and better security for DeFi protocols.”
Other News – Voyager Innovations Raises $210 Million
PayMaya developer Voyager plans to tap cryptocurrencies as a payment method in the Philippines. The startup recently passed a $1 billion market valuation after closing a bumper $210 million funding round. Voyager joins the growing list of crypto unicorns.
Ronin Hackers News
Thanks for reading our post on the Ronin Hacker update! There will probably be more to come on this story in the coming weeks.