The recent cyberattack on the Ronin Network, resulting in the theft of a staggering 173,600 Ethereum ($592m) and $25.5m, has been attributed to North Korean threat actors. The attack, which occurred in late March, targeted the Vietnamese blockchain game developer Sky Mavis’ Ronin Network, created as an Ethereum sidechain for the popular Axie Infinity game.
The US Treasury Department sanctions update last week revealed that the crypto wallet address used to receive the stolen funds was linked to North Korea’s Lazarus Group, a notorious cybercrime organization known for its prolific cyberattacks. The Office of Foreign Assets Control (OFAC) Specially Designated Nationals And Blocked Persons List (SDN) designation could pose challenges for North Korea in laundering the stolen funds, as it threatens secondary sanctions for entities engaging in business with the isolated nation.
In response to the incident, Ronin Network has announced that they are implementing additional security measures before redeploying the Ronin Bridge to prevent future risks. The company expressed gratitude to law enforcement agencies for their support in the ongoing investigation and promised to deliver a comprehensive post-mortem report detailing the security measures and next steps by the end of the month.
Sky Mavis, the developer behind Ronin Network, recently led a $150m funding round to reimburse all customers affected by the cyberattack. This theft surpasses the previous record set by the Poly Network attack, where hackers stole $610m in August last year.
North Korean state-backed attackers have a history of targeting cryptocurrency to support the Kim Jong-un regime and fund its missile program. In 2021 alone, it is estimated that they stole $400m in cryptocurrency, making the Ronin Network heist a significant event in the realm of cybercrime.