US law enforcement recovered $30M stolen from Axie Infinity

September 14, 2022

A collaboration between the US government, the FBI, and blockchain analysts has resulted in the recovery of $30 million worth of cryptocurrency stolen by the Lazarus threat group from the popular play-to-earn game Axie Infinity.

This is the first reported seizure of crypto assets stolen by the North Korean state-sponsored threat group since the date of the attack against the game.

Based on reports, the joint operation used advanced tracing methods to follow the stolen funds to their cash-out points and liaised with authorities and industry personnel to freeze the crypto funds.

The game's spokesperson said the money would gradually be transferred into Axie Infinity's treasury and returned to its players. However, they clarified that the transfer process could take multiple years.


The Lazarus group tried to launder the stolen funds from Axie Infinity.


A threat analysis explained that the North Korean threat actors had adopted a five-stage laundering strategy to move the funds stolen from Axie Infinity.

The Lazarus operators first sent the stolen Ether to intermediary wallets. They then mixed the Ether in batches through Tornado Cash. In the next stage, the threat actors attempted to swap the Ether for Bitcoin and mix the Bitcoin in sets.

Fortunately, the recent sanction of the US Department of the Treasury on Tornado Cash played an essential role, since the threat actors were forced to use alternative platforms for the remaining stolen funds.

Furthermore, the team tracked the chain-hopping activity and traced every attempted crypto swap, which helped them freeze and recover the stolen funds.
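To make the tracing described above concrete, here is an added example (not code from the article, the investigators, or Axie Infinity) that follows funds forward from a known theft address across a constructed transaction graph. The addresses, service labels, transaction ids and amounts are all invented placeholders. It models the laundering path the article describes: intermediary wallets, a mixer, a cross-chain swap, a second mixer and an exchange deposit, and it flags the points where an analyst would raise an alert or a freeze request. Because a mixer breaks on-chain linkage, the tracer stops at a mixer deposit unless the analyst supplies an explicit deposit-to-withdrawal correlation (how such correlations are derived is outside this example).

```python
"""Forward taint tracing over a constructed transaction graph.

Added example, not from the article. Every address, tx id, label and
amount below is a constructed placeholder, not a real on-chain value.
"""
from collections import defaultdict, deque
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Tx:
    tx_id: str
    src: str      # "<chain>:<address>", e.g. "eth:hop1" (placeholder)
    dst: str
    amount: float  # in the destination chain's unit (constructed)


@dataclass
class TraceReport:
    tainted: list = field(default_factory=list)            # addresses reached, in discovery order
    events: list = field(default_factory=list)             # (kind, tx_id, address)
    freeze_candidates: list = field(default_factory=list)  # (custodial address, amount)


# Constructed service labels (hypothetical names).
LABELS = {
    "eth:mixer-A": "mixer",
    "btc:mixer-B": "mixer",
    "btc:exchange-X": "exchange",   # custodial cash-out point
    "eth:exchange-Y": "exchange",
}

# Constructed ledger: theft address -> two hops -> ETH mixer -> ETH->BTC swap
# -> BTC mixer -> exchange. A swap is recorded as one record with both legs.
LEDGER = [
    Tx("t1", "eth:thief", "eth:hop1", 600.0),
    Tx("t2", "eth:thief", "eth:hop2", 400.0),
    Tx("t3", "eth:hop1", "eth:mixer-A", 600.0),
    Tx("t4", "eth:hop2", "eth:mixer-A", 400.0),
    Tx("t5", "eth:mixer-A", "eth:hop3", 990.0),
    Tx("t6", "eth:hop3", "btc:hop4", 60.0),        # chain hop (ETH -> BTC)
    Tx("t7", "btc:hop4", "btc:mixer-B", 60.0),
    Tx("t8", "btc:mixer-B", "btc:hop5", 59.0),
    Tx("t9", "btc:hop5", "btc:exchange-X", 59.0),
    Tx("t10", "eth:bystander", "eth:exchange-Y", 5.0),  # unrelated flow, must stay clean
]

# Analyst-asserted mixer correlations: deposit tx id -> withdrawal tx ids (constructed).
MIXER_LINKS = {"t3": ["t5"], "t4": ["t5"], "t7": ["t8"]}


def chain_of(addr: str) -> str:
    return addr.split(":", 1)[0]


def trace(ledger, seeds, labels, mixer_links=None) -> TraceReport:
    """'Poison' taint: every output of a tainted address is tainted.

    Propagation stops at a mixer deposit unless mixer_links names the
    withdrawals the analyst has linked to that deposit.
    """
    mixer_links = mixer_links or {}
    by_src = defaultdict(list)
    for tx in ledger:
        by_src[tx.src].append(tx)
    by_id = {tx.tx_id: tx for tx in ledger}

    report = TraceReport()
    seen = set()
    queue = deque(seeds)
    while queue:
        addr = queue.popleft()
        if addr in seen:
            continue
        seen.add(addr)
        report.tainted.append(addr)
        for tx in by_src[addr]:
            label = labels.get(tx.dst)
            if chain_of(tx.src) != chain_of(tx.dst):
                report.events.append(("chain_hop", tx.tx_id, tx.dst))
            if label:
                report.events.append((label, tx.tx_id, tx.dst))
            if label == "exchange":
                report.freeze_candidates.append((tx.dst, tx.amount))
            if label == "mixer":
                # Never walk through the mixer's pooled address itself.
                for out_id in mixer_links.get(tx.tx_id, []):
                    queue.append(by_id[out_id].dst)
                continue
            queue.append(tx.dst)
    return report


if __name__ == "__main__":
    r = trace(LEDGER, ["eth:thief"], LABELS, MIXER_LINKS)
    for kind, tx_id, addr in r.events:
        print(f"{kind:10s} {tx_id:4s} -> {addr}")
    print("freeze candidates:", r.freeze_candidates)
```

Run without `MIXER_LINKS` and the trace halts at the first mixer with no freeze candidates, which is exactly the gap that makes mixers attractive to launderers and why the sanction that pushed the actors onto other platforms mattered for the investigators.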

The total monetary loss caused by Lazarus' hack against Axie Infinity has reached more than $600 million. Hence, the retrieved funds represent only five percent of that value and ten percent of the crypto amount.

Furthermore, although most of the damage caused by the group remains, the recovery is still significant, as it shows that stolen digital assets cannot easily be moved, transferred, laundered, or cashed out.

The recovery of some of the stolen crypto funds has still sent shockwaves across the hacking community, since it shows that missing funds can be traced despite the sophistication of the threat actors.
