Norway Seizes $5.9M in Crypto From North Korean Axie Hackers

Norway Seizes $5.9M in Crypto From North Korean Axie Hackers

The seizure of funds stolen from leading NFT-based play-to-earn game Axie Infinity last year was the country's largest ever, prosecutors said.

Norway Seizes $5.9M in Crypto From North Korean Axie Hackers

Table of Contents

Norwegian authorities have made their largest-ever seizure of stolen cryptocurrency.

After a long, international investigation by Økokrim, the National Authority for Investigation and Prosecution of Economic and Environmental Crime, prosecutors have retrieved 60 million kronor — about $5.9 million — from hackers who robbed Axie Infinity developer Sky Mavis' Ronin Network cross-chain payments bridge.

It was also one of the largest-ever cash-value seizures by the Norwegian police.

The U.S. Justice Department has said that North Korea's state-sponsored Lazarus Group hackers were behind the attack, which made off with $625 million. It led to the sanctioning of the and Tornado Cash mixing services.

"Økokrim are good at following money," said First State Attorney Marianne Bender in a statement. "This case shows that we also have a great capacity to follow the money on the blockchain, even if the criminals use advanced methods."

Praising the crime-fighting agency's cooperation with and assistance from the FBI, Bender said Økokrim would continue to track the stolen funds. She added:

"This is money that can support North Korea and their nuclear weapons programme. It has therefore been important to track the cryptocurrency and try to stop the money when they try to withdraw it."

Bender's office will reach out to Sky Mavis "so that the aggrieved get the money back to the greatest extent possible," she said.

It is not the first seizure of funds North Korea stole from the Ronin Network.

Last fall, blockchain intelligence firm Chainalysis said it had helped retrieve $30 million stolen in the Ronin Network hack.

The Biggest Hack of 2022

The Ronin Network hack came about after Lazarus Group hackers gained access to five of the private keys belonging to the cross-chain payments bridge's nine validators.

While they acted quickly to drain 173,600 ETH and 25.5 million USDC stablecoins, Ronin did not actually realize that the funds were missing for several days.

At the time, Chainalysis said those funds had been divided among 12,000 different crypto addresses, showing off the "highly sophisticated laundering capabilities" of the rogue state's hackers.

7 people liked this article