Stolen Crypto Seized from North Korean Hackers for First Time Ever

Chainalysis has helped recover $30 million stolen in March's Ronin Network hack — and they're vowing to stop the Lazarus Group from cashing out the rest.

Cryptocurrency stolen by a North Korean hacking group has been seized for the first time ever.

Chainalysis says more than $30 million taken in March's Ronin Bridge hack has been recovered.

While this is an encouraging sign, it's worth noting that more than $600 million was stolen from this blockchain, which powers the Axie Infinity game.

The blockchain intelligence firm has estimated that, overall, hackers linked to the secretive state have stolen $1 billion in cryptocurrency from DeFi protocols so far this year — amid fears these funds are being used to further North Korea's nuclear ambitions.

Chainalysis explained that advanced tracing techniques were used "to follow stolen funds to cash out points and liaise with law enforcement and industry players to quickly freeze funds."

According to the company, the seizures prove "it is becoming more difficult for bad actors to successfully cash out their ill-gotten crypto gains," adding:

"There is still work to be done, but this is a milestone in our efforts to make the cryptocurrency ecosystem safer."

What Happened?

The Ronin Network came under attack after the Lazarus Group managed to gain access to five of the nine private keys controlling its cross-chain bridge.

In quick succession, 173,600 ETH was drained — as well as 25.5 million USDC. Worryingly, it took several days for Ronin to realize that the funds were missing.

Figures from Chainalysis say these funds have been laundered over 12,000 different crypto addresses so far — like a vase smashing into countless tiny pieces — demonstrating the "highly sophisticated laundering capabilities" of the hackers.

Typically, there are five steps to this technique — moving stolen ETH to intermediary wallets, using Tornado Cash to mix this crypto, swapping it for Bitcoin, mixing the BTC in batches, and finally using crypto-to-fiat services. This helps explain why the U.S. recently sanctioned Tornado Cash. Chainalysis has vowed:

"We look forward to continuing to work with the cryptocurrency ecosystem to prevent them and other illicit actors from cashing out their funds."