The United States Treasury Department has added three Ethereum wallet addresses to sanctions allegedly linked to the hacker group responsible for stealing more than $600 million in crypto from the ronin sidechain of non-fungible token game Axie Infinity responsible for.
In an update on Friday, the Treasury Department’s Office of Foreign Assets Control (OFAC) listed three Ethereum addresses among its Specially Designated Nationals restrictions for North Korea’s Lazarus Group. US authorities including the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have prosecuted the group for their alleged role in the extraction of more than 173,600 Ether (ETH) and 25.5 million USD coins (USDC) from the Ronin -Sidechain targeted in March – the tokens were worth more than $600 million at the time.
The US Department of Government implied in a tweet Friday that the addresses were added to the list to prevent North Korea from evading sanctions imposed by the United States and the United Nations. Blockchain records show that at least one of the wallet addresses associated with the Ronin hackers sent funds to crypto mixing services like Tornado Cash.
OFAC added 3 virtual wallet addresses to the Lazarus Group SDN list. The DPRK has relied on illegal activities such as cybercrime for revenue while attempting to circumvent US and UN sanctions. Transactions involving these risks are subject to US sanctions. https://t.co/GMNZkwe1IA
— Department of Treasury (@USTresury) April 22, 2022
Chainalysis reported in January that North Korea stole around $400 million in cryptocurrency via cyberattacks in 2021, meaning the ronin theft could represent its biggest haul yet. Illicit funds linked to hacking groups from the reclusive nation were mostly in ether at 58%, bitcoin at 20% and other tokens at 22%.
Related: FBI and CSIA issue warning of North Korean cyberattacks on crypto targets
The addition of ETH addresses was the latest digital asset identification measure imposed by OFAC as a means for sanctioned governments to raise funds. In April, the government agency announced that it had targeted Russian dark web marketplace Hydra and digital currency exchange Garantex over alleged links to payments from ransomware attacks and other cybercrimes, as well as crypto mining company BitRiver.