North Korean Hackers, Lazarus Group, Behind $625 Million Ronin Hack – U.S. Treasury

On Wednesday, March 23, Ronin Network, the Ethereum-based blockchain that powers popular NFT game Axie Infinity, reported one of the biggest hacks in crypto history

On Wednesday, March 23rd, the Ronin Network, the Ethereum-based blockchain powering popular NFT game Axie Infinity, reported one of the biggest hacks in crypto history, losing $625 million in an exploit.

The United States Department of the Treasury now alleges that North Korean hacking group ‘Lazarus’ was the group responsible for last month’s $625 million Ronin Network hack.

Lazarus Group Behind $625 Million Ronin Hack

On April 14th, the U.S. Treasury announced that it had added a new Ethereum wallet address to its sanctions list for the Lazarus Group.


The Ethereum wallet address which was listed by the Treasury matched the same one labeled as “Ronin Bridge Exploiter” by Sky Mavis, the creators of Axie Infinity. Chainalysis has also confirmed that the address was the same one used in the Ronin exploit.

The Federal Bureau of Investigation brands the Lazarus Group, whose earliest attacks date back to 2009, a “state-sponsored hacking organization.” 

Despite numerous high-profile cyber-attacks, including the 2014 breach of Sony Pictures and numerous attacks on pharmaceuticals in 2020, this is the first time the Treasury has publicly linked and blacklisted a crypto wallet address linked to Lazarus.


On confirming the wallet address attack, Elliptic wrote in a blog post, “many features of the attack mirrored the method used by the Lazarus Group in previous high-profile attacks.”

On the Flipside

Why You Should Care

Since the attack, Sky Mavis has been working to reimburse users who lost funds to the hack, and to enhance the security of the Ronin Bridge before redeploying it.

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Milko Trajcevski

Milko Trajcevski is a DailyCoin news reporter, mainly focused on Ethereum (ETH), Cardano (ADA), and their founders (Vitalik Buterin and Charles Hoskinson). Milko is an avid follower of crypto and blockchain technology and has written thousands of articles on the subjects. He finds joy in transforming complex issues into written content that anyone can understand. Milko has used and analyzed numerous exchanges, such as Coinbase, FTX, and Binance. He also closely follows all of the latest news around the largest decentralized exchanges (DEXs). Location: Skopje, Macedonia