Blockchain & Cryptocurrency , Cryptocurrency Fraud , Cyberwarfare / Nation-State Attacks
Norwegian Authorities Seize $5.86 Million From Lazarus GroupConfiscated Cryptocurrency Tied to $620 Million Ronin Bridge Hack
Norwegian authorities confiscated crypto assets worth nearly $5.68 million tied to the 2022 Ronin cryptocurrency bridge hack by North Korean state threat actor Lazarus Group.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Norway's National Authority for Investigation and Prosecution of Economic and Environmental Crime - in Norwegian, it's known as the Økokrim - on Thursday revealed it had retrieved a part of the hacked amount from the Ronin attackers, who in March 2022 stole $620 million worth of cryptocurrency (see: Feds Offer $5 Million to Help Disrupt North Korean Hackers).
The authority describes the seizure as Norway's largest-ever crypto seizure and says it ranks among the country's largest cash seizures ever made. National police worked alongside the U.S. FBI and Department of Justice. The FBI within weeks of the attack attributed the attack to the Lazarus Group, the Pyongyang hacking group active since at least 2010.
Stolen cryptocurrency has become a principle source of hard currency for North Korea. The regime uses the funds in part to fuel its clear and missile development programs.
With the latest action, global law enforcement agencies have collectively recovered nearly $40 million tied to the Ronin hack. The FBI, along with blockchain intelligence firm Chainalysis, in September identified and confiscated $30 million worth of Ronin stolen cryptocurrency.
Lazarus Group, also known by the names Hidden Cobra and Dark Seoul, is a prolific hacking group. In 2019, the U.S. Department of the Treasury sanctioned Lazarus and two of its affiliate groups, describing Lazarus as a sophisticated cyberespionage group primarily focused on financial gain.