The Lazarus Group, which is thought to be run by the North Korean government, is behind the $625 million Ronin hack, according to Chainalysis.
The Ethereum address behind the Ronin hack is on the US Treasury Department’s Specially Designated Citizens and Blocked Persons (SDN) list.
The Eth address involved in the attack received a transfer of 173,600 Eth and 25.5 million USDC. At the time of press, Ethereun wallet holds $445 million in Eth.
Ronin, an Ethereum sidechain recently developed for the popular play-to-earn game Axie Infinity, has suffered the biggest hack in DeFi history.
Axie Infinity developer Sky Mavis has so far raised $150 million for customers who have been victims of the attack.
Chainalysis stated at the beginning of January that North Korean hackers stole $400 million in cryptocurrencies last year, with much of it happening on the Ethereum blockchain. Lazarus Group, affiliated with North Korea’s intelligence bureau, is responsible for most of the attacks.
The regime of Kim Jong Un allegedly used these funds to finance its nuclear and ballistic missile programs.
Lazarus Group isn’t just targeting crypto companies. The hack group also attacked Sony Pictures, Bangladesh Central Bank and various pharmaceutical companies. In addition, the same group was behind the WannaCry attack, which affected nearly 200,000 computers worldwide.