US reclaims $30 million in crypto from Lazarus Group
The stolen funds were retrieved through a joint effort between the federal government, Chainalysis, and blockchain researchers
The US government has successfully confiscated $30 million worth of cryptocurrency from the North Korean state-linked threat group Lazarus.
The cybercriminal group stole the money from the token-based play-to-earn game Axie Infinity earlier in the year.
According to crypto intelligence firm Chainalysis, the incident marks the first time that cryptocurrency stolen by a North Korean hacking group has been seized. With help from the federal government and blockchain analysts, the firm played a significant role in retrieving the stolen assets.
"Chainalysis Crypto Incident Response team played a role in these seizures, utilizing advanced tracing techniques to follow stolen funds to cash out points and liaising with law enforcement and industry players to quickly freeze funds," the company reports.
The seized money will gradually be deposited into Axie Infinity's treasury and returned to the players' community. However, the process could take years to complete.
As for the scope of the attack, Lazarus' Axie Infinity hack is estimated to have cost the gaming firm $620 million. As matters stand, the recovered amount represents only 10% of the total funds stolen from Axie Infinity.
Even so, hackers are unlikely to successfully cash out their ill-gotten crypto gains, notes Chainalysis.
“Much of the funds stolen from Axie Infinity remain unspent in cryptocurrency wallets under the hackers’ control. We look forward to continuing to work with the cryptocurrency ecosystem to prevent them and other illicit actors from cashing out their funds,” added Chainalysis.
Not long ago, Lazarus was flagged in an attempted cyber attack on cross-chain firm deBridge Finance. The news breaks weeks after the US State Department doubled the reward for information on cyber threat actors with roots in North Korea.