The U.S. Treasury Department has added three Ethereum wallet addresses to a list of sanctions tied to a hacker group accused of stealing more than $600 million in cryptocurrency from the Ronin sidechain of the nonfungible token game Axie Infinity.
The Treasury Department’s Office of Foreign Assets Control, or OFAC, added three Ethereum addresses to the Lazarus Group of North Korea’s Specially Designated Nationals list in a Friday update.
U.S., UN tatget North Korean group
In a Friday tweet, the U.S. government department indicated that the addresses were added to the list in an effort to prevent North Korea from circumventing sanctions imposed by the US and the UN. According to blockchain records, at least one of the wallet addresses associated with the Ronin hackers moved payments to crypto mixer services such as Tornado Cash.
The group has been targeted by U.S. authorities, including the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency, for allegedly stealing more than 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) from the Ronin sidechain in March — the tokens were worth more than $600 million at the time.
Crypto crimes becoming widespread
The addition of the ETH addresses was the most recent action enforced by OFAC to identify digital assets as a mechanism for sanctioned governments to get funds. The government department announced in April that it had targeted Russia-based darknet marketplace Hydra and digital currency exchange Garantex, as well as crypto mining firm BitRiver, for alleged connections to payments from ransomware attacks and other cybercrimes.
According to Chainalysis, North Korea stole over $400 million in Bitcoin through cyberattacks in 2021, implying that the Ronin robbery could be its largest grab to date. Illicit funds related to the isolated nation’s hacking gangs were mostly in Ether (58%), Bitcoin (20%), and other tokens (22%).