Binance Accounts Frozen by FBI

When Binance freezes an account, the account holder can often get the hold lifted by supplying requested information. At some point, Binance may tell you the freeze was requested by a law enforcement agency in the United States. Binance often provides the name or email of the lead investigator with a request that you contact that law enforcement officer.

The FBI takes the lead on many instances of cryptocurrency hacking. The United States Secret Service (USSS) has recently become more involved in helping victims of fraud schemes involving cryptocurrency.

If your account is subject to a criminal investigation and you are unable to get the hold lifted yourself, you can hire an attorney focused on asset forfeiture cases to assist you. We can work with you to gather the relevant information and present it to law enforcement on your behalf.

Attorneys for Binance Accounts Frozen by the FBI

Over the years, the attorneys at Sammis Law Firm have helped clients after their Binance accounts were frozen at the request of law enforcement officers in the United States. Since early 2024, we’ve seen many accounts frozen because of an alleged connection to fraud or allegations of hacking.

For example, the North Korean hacking group, Lazarus Group, was identified as the perpetrator of a major cryptocurrency heist against Sky Mavis, the creator of the popular play-to-earn game, Axie Infinity. The attack targeted the Ronin Network, a sidechain developed by Sky Mavis to support Axie Infinity. The Ronin network allows for faster and cheaper in-game transactions by bridging to the main Ethereum blockchain.

The hackers stole 173,600 Ethereum (ETH) and 25.5 million USDC (a stablecoin pegged to the US dollar). At the time of the discovery in March 2022, the value of the stolen cryptocurrency was estimated to be over $620 million, making it one of the largest cryptocurrency heists in history. The attack was a sophisticated social engineering scheme, not a technical exploit of the blockchain itself.

In response, Binance froze many accounts it suspected contained proceeds of illicit activity or were being used fraudulently by North Korea. Not all of the account holders with frozen accounts were guilty. In fact, many of those accounts belonged to innocent traders who had purchased cryptocurrency for value with no idea it was connected to any wrongdoing.

If your account was frozen by Binance, they might ask you to reach out to an FBI agent. You have the right to hire an attorney to help you through this process.

Call 813-250-0500.

How the Lazarus Group Hacked Sky Mavis Using Malware

The Lazarus Group created a fake company and a fake job offer to target a senior engineer at Sky Mavis. After multiple rounds of interviews, the hackers sent a “job offer” in a PDF document. The unsuspecting engineer downloaded the file, which contained malware that compromised their computer. The malware gave the hackers a foothold in Sky Mavis’s IT infrastructure. Using that foothold, they gained control of four of the nine validator nodes on the Ronin network.

To move funds, five out of the nine validator signatures were needed. The hackers had four, and they exploited a vulnerability in the Axie DAO (Decentralized Autonomous Organization) to gain the fifth signature. Sky Mavis had previously requested help from the DAO to handle transaction overload, and the access it was granted was never revoked. That lingering access allowed the hackers to obtain the final signature needed to authorize the massive withdrawals.
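The audit below is an added example, not code from Sky Mavis or from the original page. It models the 5-of-9 arrangement described above and checks whether any single party, counting both the validators it operates and any signing access delegated to it, can reach the threshold alone. The validator IDs, party names and dates are constructed assumptions.

```python
from datetime import date

THRESHOLD = 5  # signatures required to move funds (5 of 9, as described above)

# Constructed inventory: IDs, party names and dates are illustrative assumptions.
# "delegates" lists parties allowed to trigger this validator's signature.
def sample_validators():
    vals = [{"id": f"v{i}", "operator": "sky-mavis", "delegates": []} for i in range(1, 5)]
    vals.append({"id": "v5", "operator": "axie-dao", "delegates": [
        {"party": "sky-mavis", "granted": date(2021, 11, 1), "expires": None}]})
    vals += [{"id": f"v{i}", "operator": f"partner-{i}", "delegates": []} for i in range(6, 10)]
    return vals

def active(delegation, today):
    """A delegation with no expiry stays active until someone revokes it."""
    return delegation["expires"] is None or delegation["expires"] > today

def signing_reach(validators, today):
    """Map each party to the validators whose signature it can produce."""
    reach = {}
    for v in validators:
        reach.setdefault(v["operator"], set()).add(v["id"])
        for d in v["delegates"]:
            if active(d, today):
                reach.setdefault(d["party"], set()).add(v["id"])
    return reach

def quorum_risks(validators, threshold, today):
    """Parties whose compromise alone yields a signing quorum."""
    reach = signing_reach(validators, today)
    return sorted(p for p, ids in reach.items() if len(ids) >= threshold)

def stale_delegations(validators, today, max_age_days=30):
    """Active delegations that have no expiry or are older than max_age_days."""
    stale = []
    for v in validators:
        for d in v["delegates"]:
            too_old = (today - d["granted"]).days > max_age_days
            if active(d, today) and (d["expires"] is None or too_old):
                stale.append((v["id"], d["party"]))
    return stale

if __name__ == "__main__":
    today = date(2022, 3, 1)  # constructed audit date
    vals = sample_validators()
    print("single-party quorum risks:", quorum_risks(vals, THRESHOLD, today))
    print("stale delegations:", stale_delegations(vals, today))
```

Giving the delegation an expiry date in the past drops the flagged party's reach from five validators to four, below the threshold.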

After the heist, the Lazarus Group used a cryptocurrency mixer, Tornado Cash, to launder a portion of the stolen funds to obscure the transaction trail and avoid being tracked.

The FBI officially attributed the hack to the Lazarus Group and APT38, both of which are cyber threat actors linked to North Korea. The U.S. Treasury Department sanctioned the Ethereum wallet address used by the hackers, linking it to the Lazarus Group. The attack highlighted the risks of security vulnerabilities in crypto bridges and the effectiveness of social engineering attacks.

Sky Mavis announced that it would repay the stolen funds, securing a new funding round and using its own balance sheet assets. Promising to implement new security measures, Sky Mavis increased its validator nodes and improved its security protocols.

The Axie Infinity heist is not the only example of North Korea’s use of cybercrime to generate revenue for its sanctioned government and its weapons programs. The Lazarus Group has been implicated in numerous other major cyberattacks, including the 2014 hack on Sony Pictures and the 2017 WannaCry ransomware attacks.