Posted on April 17, 2022 at 9:26 AM
The Ronin Network suffered from a massive breach towards the end of last month. The Ronin Network bridge for the Axie Infinity play-to-earn game suffered a theft of $625M worth of cryptocurrencies.
The breach has now been affiliated with hacking groups based in North Korea. A report from the US Treasury Department and the FBI has said that two popular hacking groups in North Korea were behind the largest decentralized finance (DeFi) hack.
North Korea attributed to hack on Ronin network
The Federal Bureau of Investigations has affiliated North Korean hackers with the over $600M theft on the Axie Infinity Ronin Network. Axie Infinity is a leading P2E game that allows gamers to earn cryptocurrencies. The hack on the network was detected around a week after it happened.
A statement from the FBI said, “Through our investigations, we were able to confirm Lazarus Group and APT38, cyber actors associated with [North Korea], are responsible for the theft.”
The Lazarus hacking group is linked to the North Korean government, which has been attributed to several espionage attacks. The Lazarus Group is famous for hacking Sony Pictures and leaking a movie that depicted the leader of North Korea, Kim Jong-Un. The hacking group has also been linked to hacks on international banks. This is the first cryptocurrency heist associated with the group.
A spokesperson of the US Treasury Department issued a statement saying that “the United States is aware that the DPRK has increasingly relied on illicit activities including cybercrime to generate revenue for its weapons of mass destruction and ballistic missile programs as it tries to evade robust US and UN sanctions.”
North Korea has been linked to cryptocurrency heists in the past. The United Nations has previously released a statement saying North Korea’s missile program was funded using stolen cryptocurrencies. However, the country has rubbished these claims and denied using stolen funds to support its missile program.
The recent hack on the Ronin Network resulted in a loss of 173,600 Ether (ETH) tokens and 25 million USDC tokens, valued at $625M at the time. The hackers exploited an unpatched vulnerability on the network. In November, Axie Infinity witnessed significant growth in the number of players on the network, and the developers made some changes to support the increased workload. However, they failed to withdraw permissions earlier this month when the user load was reduced.
Increased hacks on DeFi projects
The decentralized finance (DeFi) sector has witnessed considerable growth over the past year. However, the growth has also attracted hackers that want to take advantage of naïve users in the DeFi sector.
Over the past year, hundreds of millions of dollars worth of crypto have been stolen from DeFi projects. This year alone, several hacking incidents have occurred, including the one on the Wormhole bridge linking the Solana and Ethereum blockchain.
In some incidences, the hackers are forced to return the stolen cryptocurrencies after failing to find a way of cashing out. This happened in the case of the Poly Network, where almost all of the $600M worth of stolen crypto was returned.