Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group in the theft of $540 million from video game Axie Infinity's Ronin Network last month.
The heist, the second-largest cryptocurrency theft to date, took place on March 23, 2022, and involved the siphoning of 173,600 Ether and 25.5 million USD Coins from the Ronin cross-chain bridge, which allows users to transfer their digital assets from one crypto network to another.
Of the laundered funds, nearly $80.3 million has passed through Tornado Cash, a mixing service on the Ethereum blockchain designed to obscure the trail of funds, with another $9.7 million worth of ETH likely to be laundered in the same manner.
Lazarus Group, an umbrella name assigned to prolific state-sponsored actors operating on behalf of North Korean strategic interests, has a track record of conducting cryptocurrency thefts since at least 2017 to bypass sanctions and fund the country's nuclear and ballistic missile programs.
The group is known to have plundered an estimated $400 million worth of digital assets from crypto platforms in 2021, marking a 40% jump from 2020, according to Chainalysis, which found "Only 20% of the stolen funds were Bitcoin, [and that] Ether accounted for a majority of the funds stolen at 58%."
The continuous onslaught of illicit activities perpetrated by the Lazarus Group has also led the U.S. State Department to announce a $5 million reward for "Information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea."
News URL
https://thehackernews.com/2022/04/lazarus-hackers-behind-540-million-axie.html