Norwegian authorities announced on Thursday that they had recovered $5,9 million worth of cryptocurrencies stolen in the Axie Infinity hack. This incident is believed to have been perpetrated by the Lazarus Group, which has ties to North Korea.
Norway's National Authority for the Investigation and Prosecution of Economic and Environmental Crimes (Økokrim) has named the seizure among the largest money seizures ever made by Norway, and the largest ever in relation to cryptocurrencies.
Victims will be able to get the funds back
“The Økokrim are experts at following money. This case shows that we are also good at tracking money on the blockchain, even though criminals use advanced techniques to avoid detection,” said Chief Prosecutor Marianne Bender.
The agency said it will work with the owner of the Axie Infinity game, Sky Mavis, to return the funds to the victims.
Axie Infinity allows players to win Ethereum. Sky Mavis calls the game its “flagship product” and the “#1 game on Ethereum in daily, weekly, and monthly active players.”
In March 2022, $620 million was stolen when attackers gained access to five of the nine private keys used by transaction validators for the Ronin Network, the Ethereum-based DeFi decentralized financial platform used by Sky Mavis. The game publisher describes the Ronin sidechain as “a tool that allows game developers to offer the benefits of the blockchain to their players without any complications”.
Once the attackers gained access to the organization, they approved the cryptocurrency transactions. They immediately then started laundering the money through the Ethereum-based cryptocurrency mixer Tornado Cash, now under US sanctions. In September 2022, US authorities found and seized $30 million of ill-gotten gains.
Økokrim said he worked with the FBI to recover another $5,9 million. “This is money that can be used to finance the North Korean regime and its nuclear weapons program. It was therefore important to trace cryptocurrencies and try to prevent assets from being converted into regular currency,” Bender explained.
Another punishment for cryptocurrencies
Thursday was a bad day for Korean peninsula-related cryptocurrency scammers. On the same day, the US Securities and Exchange Commission (SEC) accused Terraform Labs and its wanted and fugitive leader, South Korean Do Kwon, of defrauding investors.
“We argue that Terraform and Do Kwon have failed to provide the public with complete, correct and truthful information as required for a number of cryptocurrency stocks. Particularly for LUNA and Terra USD,” SEC Chairman Gary Gensler said. “We also charge fraud by repeating false and misleading claims to build confidence before causing devastating losses to investors.”
The implosion of Terraform Labs’ “stablecoin” TerraUSD and related token “Luna” ushered in what has been dubbed the “cryptocurrency winter.” The crash was presented as impossible, because the value of the cryptocurrency was pegged to the US dollar. But it was not true and many Investors they lost large sums of money.
Kwon's last known address was in Singapore, but city-state authorities say he left the island in September 2022. Since then, Kwon has been placed on Interpol's Red Notice list and the South Korean government has canceled his passport.
Meanwhile, Terraform Labs keeps announcing developments as if it almost didn't result in its own little Armageddon. Yesterday it launched a decentralized automation level feature in its TerraLuna ecosystem.
