Norwegian police recover $5.9M stolen from Axie Infinity Ronin hack

The seized funds will be used to reimburse affected users and help prevent North Korea from funding its nuclear weapons program.

According to a press release published on Feb. 16 by Norway’s National Authority for Investigation and Prosecution of Economic and Environmental Crime (Okokrim), authorities have seized 60 million Norwegian kroner ($5.85 million) in stolen cryptocurrencies linked to the Axie Infinity Ronin Bridge hack in March 2022. According to Senior Public Prosecutor Marianne Bender: 

“Okokrim is good at following the trail of money. This case shows that we also have a great capacity to follow the money on the blockchain, even if the criminals use advanced methods.”

According to Bender, Okokrim worked with Federal Bureau of Investigation agents and the U.S. Department of Justice to track the trail of stolen digital assets. “We as a society stand stronger in the fight against digital, profit-motivated crime,” she said, “This is money that can support North Korea and their nuclear weapons program. It has therefore been important to track the cryptocurrency and try to stop the money when they try to withdraw it in physical value.” In April 2022, The U.S. Department of Justice identified North-Korea backed Lazarus Group as the mastermind of the attack. 

Authorities say that Sky Mavis, creator of the Axie Infinity game and the Ronin Bridge, will be notified of the seizure so that affected users “get the money back to the greatest extent possible.” The hack was valued at over $600 million at the time of the incident. Axie Infinity reopened its Ronin bridge in June 2022 after its founders, along with external investment from Binance, reimbursed users a total of 117,600 Ether (ETH) and 25.5 million USD Coin (USDC). The remaining 56,000 stolen ETH belonged to the Axie DAO Treasury and remains undercollateralized as Sky Mavis “works with law enforcement to recover the funds.”