Chainalysis helped arrest a $ 30 million cryptocurrency stolen when racing Ronin

Law enforcement officers, with the assistance of the analytical blockchain company Chainalysis, arrested the cryptocurrency stolen during the March hacking of Sadchain in the amount of more than $ 30 million.

The attack of the North Korean hackers from Lazarus Group on the Axie Infinity, the network has become one of the largest in the industry. Attackers gained access to five of the nine keys of the validators. They used the majority to approve two output transactions: 173 600 ETH and 25.5 million USDC. The value of stolen assets at that time amounted to $ 625 million.

After hacking, the hackers began the process of laundering of funds in which more than 12,000 different crypto -adales involved, noted in Chainalysis.

Researchers have identified a typical scheme for the legalization of cryptoactives used by the North Korean group. According to them, it consisted of five stages:

• The stolen broadcast was sent to intermediate wallets;
• Coins in batches were passed through the Tornado Cash mixing service;
• The asset exchanged for Bitcoin;
• Digital gold was sent to a cryptocurrency mixer;
• In the last phase, Bitcoin was deposited to trading platforms for cashing.

According to Chainalysis, hackers reproduced this process with most of the stolen means.

In early August, the US Ministry of Finance imposed sanctions against Tornado Cash for laundering cryptocurrencies, including Lazarus Group for more than $ 455 million. From this moment, the grouping began to use Defi services instead of Ethereum Mixers for transitions between blockchains and various types of cryptocurrencies in one transaction.

As an example, the researchers led one of such operations with stolen means. In her course, hackers sent ETH from the Ethereum blockchain through the bridge to the BNB Chain, exchanged to the USDD and transferred steablecoins to the Bittorrent network.

Researchers noted that the tracking of stolen assets was largely facilitated by transparency https://gagarin.news/ru/news/the-realm-of-game-fi/ inherent in cryptocurrencies. The arrest of the amount of more than $ 30 million was the result of the CHAINALYSIS team cooperation with law enforcement officers and coordination of actions with trading platforms, where funds were received for cashing.

According to the company, this is the first case of confiscation associated with Lazarus Group cryptocurrency.

Most of Ronin stolen by Ronin remains on wallets controlled by attackers, experts emphasized.

Recall that the researcher ₿litezero from Slowmist also came to the conclusion that the crackers of Sidchan transferred a significant part of the cryptocurrency to Bitcoin using the transaction confidentiality tools.

Read the FORKLOG Bitcoin News in our Telegram-cryptocurrency news, courses and analytics.