Are you a fan of chase thrillers? Here is a real one: protagonists (cryptocurrency experts and law enforcement officials) and antagonists (hackers from North Korea) fighting over 30 million dollars. It sounds like a movie plot, but it did happen, and here is how the events unfolded, leading to the eventual recovery and the bad guys losing.
Cross-chain bridges within DeFi protocols are increasingly becoming attack targets of North Korea’s elite hacking groups such as Lazarus. In 2022, hackers in North Korea stole around one billion dollars from such protocols. In the past, the chances of recovering funds lost to a crypto scam or hack were negligible. Things started improving with the successful recovery of the majority of the crypto assets paid as ransom in the Colonial Pipeline incident. The situation has improved greatly since, and so have the good guys. Here is how Axie Infinity got its funds back.
Axie Infinity is one of the most popular play-to-earn crypto battle games, and its players are rewarded in cryptocurrency. Gamers battle, collect and breed a fantasy animal called an Axie. Better-bred Axies produce superior offspring, and those offspring can be sold for ETH. The NFT-based game was built by the Vietnamese firm Sky Mavis and has been a significant source of income for gamers in several countries, including the Philippines and Venezuela.
Axie Infinity is the first organization to successfully retrieve 30 million dollars of cryptocurrency from North Korean hackers. It worked hand in hand with US law enforcement agencies and cryptocurrency organizations during the recovery.
In March 2022, around 600 million dollars were stolen from the Ronin Network, an Ethereum sidechain built for Axie Infinity. The Lazarus Group compromised five of the nine validator private keys in the network, enough to authorize transactions. Using them, the attackers authorized two withdrawals: one of 173,600 Ether and another of 25.5 million dollars in USD stablecoins.
The hackers laundered the stolen digital assets through more than 12,000 crypto addresses. However, using advanced tracing methods, investigators were able to follow the funds and have them frozen, so the hackers were unable to cash out.
After accounting for price fluctuations, the recovery amounts to just ten percent of the total heist. Still, it is proof that even when hackers can breach a network and get hold of the funds, they will have difficulty cashing out and enjoying their ill-gotten gains. With the right blockchain analysis tools and talented minds, even high-end hackers can be curtailed. There is much further to go in crypto retrieval and security improvement, but every significant evolution starts with a single step, and this 30 million dollar retrieval marks the first one.
The standard laundering technique hackers use against DeFi protocols has five stages.
Recently, the OFAC (Office of Foreign Assets Control) scrutinized and sanctioned Tornado Cash over a $455 million cryptocurrency heist from the game. The hacker group then changed its model, converting the stolen Ether into other cryptocurrencies in a single transaction. Bridges moved these assets between chains, and every individual step in this process is entirely legal, so anyone reviewing these exchanges in isolation would assume they were legitimate.
In the Axie Infinity case, the hackers moved the funds from ETH to the BNB Chain, from there into USDD, and then onto the BitTorrent chain.
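The tracing work described above, following stolen funds hop by hop across bridges and swaps until they come to rest somewhere a freeze request can be served, can be illustrated with a small forward-taint trace. This is an added example, not code from the article or from any tracing vendor; the transfer records, address names and exchange label are constructed, and a bridge or swap hop is written as a single edge from depositor to recipient, the way an analyst pairs a bridge's deposit event with its payout event.

```python
from collections import defaultdict, deque

# Constructed sample records (not real chain data). Each hop is
# (source, destination, amount, note); address prefixes mark the chain.
TRANSFERS = [
    ("eth:thief1", "eth:thief2", 100.0, "ETH transfer"),
    ("eth:thief2", "bnb:thief3", 60.0, "bridge ETH -> BNB Chain"),
    ("bnb:thief3", "bnb:thief4", 59.0, "swap ETH -> USDD (1.0 lost to fees)"),
    ("bnb:thief4", "btt:thief5", 59.0, "bridge BNB Chain -> BitTorrent chain"),
    ("btt:thief5", "btt:exchange_dep", 59.0, "deposit at a custodial exchange"),
    ("eth:innocent", "eth:thief2", 5.0, "unrelated inflow, must not be tainted"),
]
# Address labels an analyst would hold (constructed): custodians can freeze.
LABELS = {"btt:exchange_dep": "ExampleExchange deposit address"}


def trace(seed, seed_amount, transfers):
    """Follow stolen funds forward from `seed` across every recorded hop.

    Returns (tainted, balances): the set of addresses the funds reached and
    the stolen amount still resting at each (inflows from tainted sources
    minus outflows). Inflows from untainted sources are ignored so unrelated
    money is not mislabelled as stolen.
    """
    outgoing = defaultdict(list)
    for src, dst, amt, _ in transfers:
        outgoing[src].append((dst, amt))
    tainted, queue = {seed}, deque([seed])
    while queue:                      # breadth-first walk over outgoing hops
        addr = queue.popleft()
        for dst, _ in outgoing[addr]:
            if dst not in tainted:
                tainted.add(dst)
                queue.append(dst)
    balances = defaultdict(float, {seed: seed_amount})
    for src, dst, amt, _ in transfers:
        if src in tainted:            # only money leaving a tainted address moves taint
            balances[src] -= amt
            balances[dst] += amt
    return tainted, dict(balances)


def freeze_candidates(balances, labels):
    """Tainted addresses still holding stolen funds, with the custodian label
    where one exists: those are the places a freeze request can be directed."""
    return sorted((addr, amt, labels.get(addr, "self-custody"))
                  for addr, amt in balances.items() if amt > 0)


if __name__ == "__main__":
    _, resting = trace("eth:thief1", 100.0, TRANSFERS)
    for addr, amt, who in freeze_candidates(resting, LABELS):
        print(f"{addr:20} {amt:7.1f}  {who}")
```

In practice the hard part is the volume (thousands of addresses) and bridge or swap contracts that also serve innocent users, which is why pairing deposit and payout events per hop, as done here, matters for keeping the taint from spreading to unrelated funds.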
This counterattack worked mainly because of a high-end tracking system and the swift involvement of law enforcement. Laundering cryptocurrency is worlds apart from laundering physical cash: the traditional process runs money through several shell corporations, and most institutions do not allow this.
The stolen digital assets are now sitting unspent in wallets. Although the hackers still control those wallets, they have no way to cash the money out, so it stays unspent.
This effective counterattack against Lazarus was possible because law enforcement, crypto experts and other departments joined hands and worked swiftly to retrace the hackers’ steps. With such involvement from the private and public sectors, it is possible to create an ecosystem that nips such crypto robberies in the bud.
This Axie Infinity crypto recovery showed us that hackers are getting smarter with time, with high-end laundering techniques and better knowledge. However, the crypto community is evolving at a rapid pace, acting as one and building better tracking systems and checkpoints to ensure a secure environment for crypto transactions.