Millions from Axie Infinity Hack Recovered by FBI and Norwegian Authorities

Økokrim and the FBI were successful in preventing the North Korean Hacker Group from laundering the stolen crypto assets.

Axie Infinity player playing with Stolen Axie from the Axie Infinity Hack
  • Norwegian authorities have recovered over $5.5 million from North Korean hackers connected to an Axie Infinity hack. 
  • The record-high crypto seizure is the largest the Norwegian authorities have made. 

Norway’s National Authority of Investigation and Prosecution of Economic and Environmental Crime, or Økokrim, has made its largest crypto bust yet. The economic crime unit recovered 60 million Norwegian kroner, or approximately $5.9 million, from hackers connected to an Axie Infinity hack in March last year. 

Since the announcement, the AXS and RON tokens have increased in value by 8% to $11 and 10% to $0.8788, respectively.


With help from the FBI, Økokrim has been investigating the hack for almost a year. The hack was one of the largest hacks on Axie Infinity to date, and the hackers were looking to cash out, but they couldn’t in time.


In March 2022, hackers looted the Ronin Network, Axie Infinity’s host network, in one of the biggest crypto heists to date. The Axie Infinity hackers successfully breached the network to steal crypto assets worth $625 million at the time; this included 174,000 ETH and 26 million USDC

The Axie Infinity hackers found a backdoor through Ronin’s gas-free RPC node to abuse the Axie DAO validator. 

The Federal Bureau of Investigation (FBI) connected the hackers to a North Korean hacker group, Lazarus. The FBI reported that Lazarus and other North Korean exploiters have stolen as much as $1 billion in crypto assets since 2017. 


According to reports, the exploiters were looking to “whitewash” the stolen assets through Tornado Cash, a privacy mixer, which the U.S. Treasury Department has sanctioned. The hackers were looking to start large-scale money laundering operations. 

However, since the Axie Infinity hack, the FBI and the Norwegian authorities have been actively investigating and tracking the stolen assets. The international partners in the investigation were successful in preventing the exploiters from laundering the money and recovered millions of stolen assets from being used for more crime. 

A Nuclear Problem

Økokrim alleged in a press release that the stolen assets would fund North Korea and the nuclear weapons program. Therefore, tracking the assets and preventing the exploiters from investing in mass weapons was of utmost importance. 

Marianne Bender, Senior Prosecutor at Økokrim, shared in a statement, 

“This is money that can support North Korea and its nuclear weapons program. It has therefore been important to track the cryptocurrency and try to stop the money when they try to withdraw it in physical value.”

Økokrim has shared that it will continue to monitor the hackers’ money laundering operation and will try to stop the stolen assets from being whitewashed into regular currency. The economic crime unit has yet to connect with Sky Mavis, developer of Axie Infinity, and return the stolen crypto to the victims. 

On the Flipside

  • Three months after the hack in 2022, Ronin went through a major overhaul to prevent similar breaches from happening again. 
  • The stolen assets have dropped almost 50% in value and are approximately worth $325 million at press time. 
  • The Lazarus Group was also responsible for Harmony’s Horizon Bridge Exploit.

Why You Should Care

Authorities have often been unsuccessful in recovering stolen crypto assets. This could be partly because of cryptocurrencies’ digital and anonymous nature and other factors. The Norwegian authorities recovering millions in stolen goods is a significant win for both users and the government. 


Read about the biggest hacks in crypto history:
12 Biggest Hacks in Crypto Exchange History.

Learn how blockchains can be hacked:
Ways Blockchain Can Be Hacked.

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Insha Zia

Insha Zia is a senior journalist at DailyCoin covering crypto developments, especially in the Cardano ecosystem. With a Bachelor of Science in Computer Systems Engineering, he delivers high-quality articles with his technical background and expertise in data analysis and programming languages, aiming to educate and inform readers accurately, transparently, and engagingly. Insha believes education can drive mass adoption of the crypto space, and he is committed to giving DailyCoin readers a better understanding of the technology.