Federal Authorities Recover $30 Million in Cryptocurrencies that North Korean Hackers Stole.

Earlier this year, hackers with North Korean support stole $30 million worth of digital tokens from the creator of the non-fungible token-based game Axie Infinite, according to a statement released on Thursday by cryptocurrency analytics company Chainalysis.

The seizure only accounts for around 12% of the total monies stolen after taking into account the more than 50% decline in bitcoin prices since the robbery in March. One of the largest cryptocurrency thefts ever took place when 173,600 ethereum worth $594 million at the time and $25.5 million in USDC stablecoin were transferred.

Harder to conceal

Erin Plante, senior director of investigations at Chainalysis, wrote that the seizures “demonstrate that it is becoming more difficult for bad actors to successfully cash out their ill-gotten crypto gains.” “We have proven that with the right blockchain analysis tools, world-class investigators and compliance professionals can collaborate to stop even the most sophisticated hackers and launderers,” she added.

According to Axie Infinity developer Sky Mavis, the hackers carried out the transfers after gaining access to five of nine private keys held by transaction validators for the Ronin Networks cross-bridge, a dedicated blockchain for the game. The FBI attributed the theft to Lazarus, the name used to track a hacking group backed by and working on behalf of the North Korean government.

In an effort to conceal the movement of the stolen monies, the hackers next started a complex money-laundering procedure that entailed sending money to more than 12,000 distinct currency addresses.

In his post on Thursday, Plante wrote:

The usual DeFi laundering process used in North Korea has around five stages:

1. stolen ether was transferred to middlemen wallets
2. Tornado Cash packets of ether are combined
3. Bitcoin exchanged for ether
4. batch-mixing of bitcoin
5. When using crypto-to-fiat services to cash out, bitcoin is deposited.

After discovering that the virtual currency mixer Tornado Cash has been used to launder more than $7 billion worth of virtual currency since its launch in 2019, the US Treasury Department sanctioned it last month. Of that amount, $455 million was related to the theft from Axie Infinity.