The recent theft of $625 million in cryptocurrencies from the Ronin Network was linked to a North Korean state-backed hacking group.
The Office of Foreign Assets Control (OFAC) of the Treasury Department announced new sanctions against a Lazarus wallet. Both Elliptic and Chainalysis have confirmed that the U.S. Treasury's wallet address is the same as the one used in the Ronin hack. The largest Defi finance hack to date, which totaled $625 million at the time, is according to the DeFiYield REKT database.
As of Thursday, the wallet held 148,000 ether, which was discovered by the FBI as part of its ongoing investigation of the threat posed by North Korea and state-sponsored actors. According to Elliptic, 14 percent of the stolen funds have already been laundered and another $9.7 million is in the process of being laundered.
U.S. individuals and entities are not allowed to make transactions with the identified account. The state-sponsored group can't cash out their funds through U.S.-based digital currency exchanges.
The state of North Korea may be using the stolen assets from the Lazarus Group to fund its nuclear and missile programs.
The Ronin Network, which is owned by Sky Mavis, said in an updated post that it will deliver a full post-mortem of the incident by the end of the month.
The Ronin Bridge will be back online by the end of the month, after additional security measures are added.
According to a report by Chainalysis, the Lazarus Group is suspected of carrying out at least seven attacks on cryptocurrencies last year.