The US Treasury Department released a report outlining how it identified the culprits behind the Ronin Group’s breach of Ethereum-based game, CryptoKitties. The hackers were able to steal more than $6 million in ETH from unsuspecting players by exploiting flaws in smart contract coding and oversight on behalf of developers.
Sky Mavis has begun to carry out several relief packages as a result of the $600 million Ronin Bridge breach, and information about the perpetrators has recently surfaced. The US Treasury Department is the owner of the unearthed data, and after speaking with the FBI, they’ve concluded that North Korean hacker organization ‘Lazarus’ is to blame.
On Thursday, April 14th, the Treasury Department added an Ethereum wallet to its sanctions list, designating the address as ‘Ronin Bridge Exploiter,’ according to blockchain analytics platform Nansen.
Since the sanctions, the revelation has been confirmed by crypto analytics platform Chainalysis, and tracking company Elliptic has calculated that 14 percent of the stolen 173,600 ETH and $25.5 million has already been laundered (which may explain why the address in question only held 148,000 ETH at the time of sanctioning).
“Identification of the wallet will make obvious to other VC actors that by trading with it, they risk exposure to US sanctions,” the Treasury Department noted in a statement. This reflects Treasury’s commitment to using all available tools to disrupt rogue cyber actors and halt the flow of ill-gotten gains.”
Although this is the first time the Treasury has banned an alleged Lazarus-held crypto wallet, the outfit, along with ‘Advance Persistent Threat 38’ (another North Korean cyber company), has been on the FBI’s radar for some time.