Norwegian Police Recover $5.8 Million From North Korean Hacker Group Lazarus

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

The Norwegian Police (Økokrim), recovered $5.8 million worth of cryptocurrency that the Lazarus hacker group had stolen from the crypto-based game, Axie Infinity, last year.

“It is also among the largest money seizures ever made in Norway,” the police said in a press release.

Previously over $620,000 dollars was stolen after an Axie Infinity employee fell victim to a fake job interview scam — a common tactic by the Lazarus group. It tricked the employee by offering a generous salary while posing as a legitimate company while the employee used an Axie Infinity computer. The Lazarus group eventually emailed him a pdf download that seemed to be a simple document to fill out.

After downloading that file while on a company computer, the hackers were able to quickly initiate an infection chain that allowed them to gain access to Axie Infinities Ronin Bridge and invalidate tokens on their network. After doing this, it gave them partial control and let them perform unauthorized transactions to steal the cryptocurrency.

This theft launched a massive international investigation. Since then, about 10% of the stolen funds have been recovered to return to the creator and to help with partial victim reimbursement.

“Shortly after the attack, the hackers launched a large-scale whitewashing operation, with highly sophisticated methods,” explains the report. “Økokrim has over time worked to trace dividends from the thefts together with international parties. Økokrim and the partners have followed the whitewashing process around the clock.”

The goal of whitewashing is to take cryptocurrency and find obscure ways of converting it into other forms of cryptocurrency, and ultimately, into real currency.

“Økokrim will continue to follow the whitewashing process of the hackers and try to stop and seize the (money) they are trying to take out in the physical world in the future.”

The Axie Infinity game continues to be playable and the employee who fell victim to the scam is no longer working with the company.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."