The Treasury Department announced new sanctions Thursday against an Ethereum wallet belonging to a North Korean state-backed group of hackers known as the Lazarus Group.
The wallet was stolen from the Ronin Network and contains roughly $615-$620 million in the Ether and USDC tokens. The assets were linked to the popular blockchain game Axie Infinity, which was developed and run by Sky Mavis.
The March 2022 hack is likely the largest loss of digital assets in history.
The FBI has identified links between the hack and the North Korean Lazarus Group, leading to sanctions against the wallet. To ensure that the group cannot “cash out” the funds, American citizens and entities are no longer allowed to make transactions with the wallet.
“The FBI continues to combat malicious cyber activity including the threat posed by the Democratic People’s Republic of Korea to the U.S. and our private sector partners,” the FBI wrote in a statement. “Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29. The FBI, in coordination with Treasury and other U.S. government partners, will continue to expose and combat the DPRK’s use of illicit activities – including cybercrime and cryptocurrency theft – to generate revenue for the regime.”
The Lazarus Group has been tied to several major cyberattacks, including the 2014 hack of Sony Pictures. The latest attack comes amid concerns that digital assets will be used by North Korea and Russia to evade U.S. sanctions.