US seizes cryptocurrency worth $30 million stolen by North Korean hackers

More than $30 million worth of cryptocurrency looted from North Korea-linked Lazarus Group from online video game Axie Infinity has been recovered, marking the first time digital assets stolen by the threat actor have been seized.

“The seizures represent approximately 10% of the total funds stolen from Axie Infinity (taking into account price differences between stolen and seized time), and demonstrate that it is becoming increasingly difficult for bad actors to cash in with success their ill-gotten crypto gains,” Erin Plante, senior director of investigations at Chainalysis, said.

The development comes more than five months after the crypto hack resulted in the theft of $620 million from decentralized finance (DeFi) platform Ronin Network, with attackers laundering the majority of the profits – amounting to $455 million. dollars – via Ethereum-based cryptocurrency. Tornado Cash cup.

cyber security

The March 2022 cryptocurrency heist resulted in losses totaling 173,600 ETH worth around $594 million at the time and $25.5 million in USDC stablecoin, making it the largest cryptocurrency theft to date.

Although Tornado Cash has become a popular tool to anonymize virtual currency transactions, its abuse by malicious actors such as the Lazarus Group to cash in illegally obtained assets has placed it in the crosshairs of the US government, which has imposed sanctions against the serve in the last place. month.

The blockchain analytics firm said the blocklist forced the adversary away from the mixer in favor of DeFi services like crypto bridges to chain-hop and move digital assets between chains for the purpose. to obscure the bottom track.

“The hacker linked ETH from the Ethereum blockchain to the BNB chain, then exchanged that ETH for USDD, which was then linked to the BitTorrent chain,” Plante said, detailing the switch between multiple types of cryptocurrencies. in a single transaction to launder the stolen funds.

cyber security

The Lazarus Group is a prolific Advanced Persistent Threat (APT) that is driven by efforts to support North Korea’s operational objectives, which include espionage and revenue generation for the sanctions-stricken nation by striking financial institutions. Most cyber operations are conducted by elements of the General Reconnaissance Bureau.

The seizure also comes as six Tornado Cash users, including Coinbase employees, filed a lawsuit this week against the US Treasury Department, Treasury Secretary Janet Yellen and other officials over their decision to impose sanctions. to the platform.

The crypto recovery is also indicative of the progress made by US authorities in their ability to track and seize illicit cryptocurrency funds originating from various cybercrimes. In late July, the Justice Department announced the seizure of $500,000 worth of Bitcoin from a North Korean hacking team that extorted digital payments from healthcare facilities using a new strain of ransomware known as Maui. .

Previous Island rounds out platform support with the addition of iOS, iPadOS and Android functionality to its market-leading enterprise browser
Next FIRSTBORN Feat. CHRIS ADLER and JAMES LOMENZO release new singles 'Bad Things' and 'One Of A Kind'; audio