North Korean-backed hackers lose millions to US government

One of the biggest cryptocurrency thefts ever to occur, worth nearly $600 million at the time, has been recovered by the United States government.

North Korean-backed hackers lose millions to US government
Published Sep 9, 2022 5:31 AM CDT   |   Updated Sun, Oct 2 2022 7:21 PM CDT
1 minute & 46 seconds read time

The cryptocurrency space is riddled with many problems, and one big issue is the amount of theft, fraud, and security breaches that occur.

North Korean-backed hackers lose millions to US government 01 | TweakTown.com

In March 2022, the Ronin Network, a sidechain built for the popular play-to-earn game Axie Infinity was hacked by North Korean-linked hacking group Lazarus Group. At the time, the Ronin Network explained that the security breach resulted in 173,600 Ethereum and $25.5 million in USDC ($625 million in total) were stolen after the attacker used hacked private keys in order to forge fake withdrawals.

Chainalysis, an American blockchain analysis firm, took to its blog to explain how it assisted the US government in recovering the stolen funds and the process of how the money was laundered. The Lazarus Group gained access to five of nine private keys held by transaction validators for the Ronin Network's cross-chain bridge, and with these keys, the hackers approved two withdrawal transactions - the 173,600 Ethereum and $25.5 million in USDC.

The funds were then transferred to more than 12,000 different cryptocurrency addresses, but were tracked by Chainalysis, which has boiled down the hacker's laundering process to just five stages.

  1. Stolen Ether sent to intermediary wallets
  2. Ether mixed in batches using Tornado Cash
  3. Ether swapped for bitcoin
  4. Bitcoin mixed in batches
  5. Bitcoin deposited to crypto-to-fiat services for cashout
North Korean-backed hackers lose millions to US government 05 | TweakTown.com

With the assistance of Chainalysis tracing the funds across the thousands of wallet addresses, the FBI was able to seize $30 million of the stolen funds, which represents approximately 10% of the total funds stolen from Axie Infinity when accounting for price differences between the time it was stolen and seized.

It was only last month that the US Treasury Department sanctioned the virtual currency mixer Tornado Cash, which was stage two in the North Korean-backed hacking groups' laundering strategy as the feds discovered the platform was used to launder more than $7 billion worth of virtual currency since it was created in 2019. Of that $7 billion, $455 million was connected to the Axie Infinity hack.

North Korean-backed hackers lose millions to US government 02 | TweakTown.com

Ronin Network explained via Twitter that it will take some time before the funds are returned to the Treasury, with the remainder of the funds still being locked in accounts held by the hacking group. Furthermore, Ronin Network said it looks forward to working with the feds to recover the remaining funds.

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science and space news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

    Related Tags

    Newsletter Subscription
    Latest News
    View More News
    Latest Reviews
    View More Reviews
    Latest Articles
    View More Articles
    Partner Content
    Advertise With Us