North Korean Connection to Ronin Hack Emerges: $1B+ Stolen in 2 Years So Far

Updated government records show that a notorious North Korea-backed group was responsible for the $600M+ Ronin network hack last month.
Neither the author, Kingsley Alo, nor this website, The Tokenist, provide financial advice. Please consult our website policy prior to making financial decisions.

The US Office of Foreign Assets Control (OFAC) has updated its Specially Designated Nationals (SDN) list. With the update, the US Treasury Department adds the Ethereum address linked with the recent exploit of the Ronin network. The address in question has received 173,600 ETH and 25.5 million USDC tokens and currently holds $445 million worth of ETH.

According to Chainalysis, the update directly links the $600M+ hack to the notorious North Korea-backed Lazarus group. The cyber-terrorist group supposedly run by the North Korean government has been a menace recently, carting away over $400 million in 2021 before its latest hack. 

Lazarus Group Steals Over $1 Billion in Two Years

The recent Ethereum sidechain hack brings the total value of the Lazarus group exploits to over $1 billion in just two years. In 2021, the group had a field day with seven attempted hacks raking in over $400 million for the hackers, according to Chainalysis.

Usually, the hackers target investment firms and centralized exchanges using phishing lures, code exploits, malware, and complex social engineering techniques. However, they have stepped their activities up a notch by successfully attacking the popular Axie Infinity’s Ronin network. This single successful exploit of over $600 million, one of the costliest recently, has pushed the group’s total hack value above $1 billion.

Consequently, the Ethereum network has been the subject of most of the Lazarus group’s attacks, and the reason isn’t far-fetched. Recently, an Ethereum developer, Virgil Griffith, was sentenced to five years and three months in U.S. prison. Griffith pleaded guilty to a charge brought on by speaking at a crypto conference in North Korea.

According to the Department of Justice, Griffith’s presentation violated US sanctions on North Korea. The department further revealed that it provided Kim Jong Un’s regime with “technical advice on using cryptocurrency and blockchain technology to evade sanctions.” Alongside jail time, Griffith was also fined $100,000.

Ironically, Griffith’s visit to North Korea to attend and speak at the “Pyongyang Blockchain and Cryptocurrency Conference” was in April 2019. Since then, the attacks by the Pyongyang-linked cyber terrorists have ramped up.

More Attacks Could Come with DeFi Particularly Vulnerable

Following the bountiful year that crypto thieves had in 2021, the expectation is that they may steal more in 2022. Over $3.2 billion was carted away in 2021 as attacks on DeFi protocols increased by 1330%.

Source: Chainalysis

According to the Chainalysis chart above, DeFi platforms account for seven of the ten most significant attacks in the last fifteen months. The seven DeFi attacks resulted in a $1.6 billion loss, whereas the three exchange hacks resulted in a $960 million loss.

Also, there has been a significant rise in the percentage of exploits in DeFi year-on-year, as seen above. In the first quarter of 2022, over 90% of exploits have been DeFi-related. The trend will continue, especially as more money pours into the sector and the total value locked (TVL) increases.

Undoubtedly, DeFi offers significant returns on investments, making it attractive to investors. However, before it can finally go mainstream, the issues of continued theft and hacks need to be resolved quickly. This would boost the confidence of participants in the space.

The government would need to set up a regulatory framework to ensure smart contract security and price oracle accuracy. The laws would require the implementation of a rigorous approach to platform security. This would significantly reduce the threats posed by hackers.

Also, more emphasis should be laid on blockchain analysis, which becomes more critical in the case of an exploit. Investigators can take advantage of the plethora of tools to freeze and seize stolen assets, thereby preventing criminal actors from cashing out.
