US accuses North Korean hackers for $600 Axie Infinity theft

US accuses North Korean hackers for $600 Axie Infinity theft

The US authorities say that the North Korea-linked advanced persistent groups (APT) known as Lazarus Group and APT38 are responsible for the March 2022 theft of over $600 in cryptocurrency from the Ronin network used for the Axie Infinity blockchain-based game.

Last week, the US Treasury Department announced sanctions against Lazarus and tied the group to the heist, dubbed the Ronin Validator Security Breach, through the Ethereum address that received stolen funds and was identified as belonging to Lazarus.

According to the London-based blockchain analysis provider Elliptic, the attackers have managed to launder 18% of their stolen funds as of April 14.

“First, the stolen USDC was swapped for ETH through decentralized exchanges (DEXs) to prevent it from being seized. Tokens such as stablecoins are controlled by their issuers, who in some cases can freeze tokens involved in illicit activity,” Elliptic explained.

“By converting the tokens at DEXs, the hacker avoided the AML and KYC checks performed at centralized exchanges. This is an increasingly common tactic seen in hacks of this type.”

The US State Department announced that it offers rewards of up to $5 million “for information that leads to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, exportation of luxury goods to North Korea, specified cyber-activity and actions that support WMD proliferation.”

Back to the list

Latest Posts

Cyber Security Week in Review: April 4, 2025

Cyber Security Week in Review: April 4, 2025

In brief: New Ivanti zero-day exploited by Chinese hackers, police shut down the Kidflix CSAM platform, and more.
4 April 2025
UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer

UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer

This activity has been ongoing since at least the fall of 2024.
3 April 2025
Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

Police crackdown shuts down major Kidflix platform hosting child sexual abuse material

As a result of the operation, 79 arrests were made, 1,393 suspects identified, and over 3,000 electronic devices seized.
2 April 2025