US government says $650M Axie Infinity crypto-heist was pulled by North Korea

pcgamer.com:

The US Treasury department has added the North Korea-based hacker collective that calls itself Lazarus Group to its international sanctions list, saying the group was responsible for the big crypto-heist of Axie Infinity that made off with more than $600 million in March.

Axie Infinity makes use of a «sidechain» called Ronin that enables users to access the Ethereum blockchain without incurring many of the standard NFT transaction fees. Essentially, the Ronin and Ethereum blockchains run in parallel, connected by a digital «bridge» that allows the movement of cryptocurrency between them. Unfortunately, an exploit in that bridge also enabled hackers to make off with 173,600 Ethereum and 25.5M USDC, which at the time of the theft converted to more than $600 million.

The Treasury Department's "Specially Designated Nationals List" update doesn't reference that crime explicitly, but it does list a «digital currency address» for Lazarus Group that Etherscan currently identifies as «Ronin Bridge Exploiter,» and states «is reported to be involved in a hack targeting the Ronin bridge.» 

The Treasury Department confirmed the connection in a statement sent to PC Gamer, saying that the list was updated to include the virtual wallet associated with the Axie Infinity heist. The wallet itself was discovered by the FBI as part of its ongoing investigation of the thread posted by North Korea and state-sponsored actors like Lazarus Group. 

«The FBI continues to combat malicious cyber activity including the threat posed by the Democratic People's Republic of Korea to the US and our private sector partners,» an FBI representative told PC Gamer. 

«Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors