The Lazarus Group, which is thought to be run by the North Korean government, is behind the $625 million Ronin hack, according to Chainalysis.
The Ethereum address behind the Ronin hack is on the US Treasury Department’s Specially Designated Citizens and Blocked Persons (SDN) list.
The Eth address involved in the attack received 173,600 Eth and 25.5 million USDC transfers. At the time of press, Ethereun wallet holds $445 million in Eth.
Ronin, an Ethereum sidechain recently developed for the popular play-to-earn game Axie Infinity, has suffered the biggest hack in DeFi history.
Sky Mavis, the developer of Axie Infinity, has so far raised $150 million for customers who have been victims of the attack.
Chainalysis stated at the beginning of January that North Korean hackers stole $400 million worth of cryptocurrencies last year, with much of it happening on the Ethereum blockchain. Lazarus Group, affiliated with North Korea’s intelligence bureau, is responsible for most of the attacks.
The Kim Jong Un regime allegedly used these funds to finance its nuclear and ballistic missile programs.
Lazarus Group isn’t just targeting crypto companies. The hack group also attacked Sony Pictures, Bangladesh Central Bank and various pharmaceutical companies. In addition, the same group was behind the WannaCry attack, which affected nearly 200,000 computers worldwide.
