WASHINGTON — The United States has linked North Korean hackers to the theft of hundreds of millions of dollars in cryptocurrency linked to popular online game Axie Infinity, the U.S. Treasury Department said Thursday.
Ronin, a blockchain network that allows users to transfer crypto in and out of the game, said digital cash worth nearly $615 million was stolen on March 23.
Download the NBC News app for the latest news and politics
No one has explicitly assigned responsibility for the hack, but on Thursday the US Treasury identified a digital currency address used by hackers as being under the control of a North Korean hacking group often dubbed “Lazarus”.
“The United States is aware that the DPRK is increasingly relying on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs as it attempts to ‘escape harsh US and UN sanctions,’ a Treasury Department spokesman said. using the initials of North Korea’s official name.
The spokesperson warned that those who transact with the wallet risk exposing themselves to US sanctions.
Blockchain analysis firms including Chainalysis and Elliptic said the designation confirmed that North Korea was behind the break-in.
Aleksander Larsen, the co-founder of Sky Mavis, which makes Axie Infinity, declined to comment. CrowdStrike, which was hired by Sky Mavis to investigate the breach, also declined to comment.
A post on Ronin’s official blog said the FBI attributed the hack to the Lazarus Group and that the US Treasury Department sanctioned the address that received the stolen funds.
The United States claims that the Lazarus hacking group is controlled by the Reconnaissance General Bureau, North Korea’s main intelligence office. He has been accused of involvement in the “WannaCry” ransomware attacks, the hacking of international banks and customer accounts, and the 2014 cyberattacks on Sony Pictures Entertainment.
Hacks have plagued crypto platforms for a long time. The Ronin hack was one of the biggest cryptocurrency heists on record.
Sky Mavis said it would use a combination of its own balance sheet funds and $150 million raised from investors including Binance to repay the lost money.
“We are still adding additional security measures before redeploying the Ronin Bridge to mitigate future risks,” the Ronin Blog said. “Expect the bridge to be deployed by the end of the month.”
The Treasury spokesperson said Washington would seek to issue crypto cybersecurity guidelines to help protect against virtual currency theft.