FBI Flags Impending Sale of $40M in Stolen Crypto Funds Linked to North Korea
The Federal Bureau of Investigation (FBI) has flagged six Bitcoin wallets associated with Lazarus, a North Korean state-sponsored hacking group. These wallets collectively hold 1,580 BTC, equivalent to $40 million, and are suspected to have amassed this sum from a series of cryptocurrency breaches last year.
FBI Alerts Crypto Firms on Stolen Crypto Funds
On August 22, the FBI issued a cautionary statement to cryptocurrency enterprises, alerting them to recent blockchain activities associated with the theft of substantial sums amounting to hundreds of millions of dollars.
This theft has been attributed to hackers linked with the Democratic People’s Republic of Korea (DPRK).
Per the released report, over the past 24 hours the FBI tracked the movement of cryptocurrency stolen by individuals associated with the DPRK. These individuals were specifically identified as the TraderTraitor group, also known as Lazarus Group and APT38.
Through its investigation, the FBI uncovered that the actors linked with the TraderTraitor faction moved approximately 1,580 bitcoins from multiple cryptocurrency heists. According to the report, the FBI suspects that the DPRK may attempt to convert the stolen bitcoins, which amount to over $40 million, into cash.
Currently, these funds are being held in the following six bitcoin addresses: 3LU8wRu4ZnXP4UM8Yo6kkTiGHM9BubgyiG, 39idqitN9tYNmq3wYanwg3MitFB5TZCjWu, 3AAUBbKJorvNhEUFhKnep9YTwmZECxE4Nk, 3PjNaSeP8GzLjGeu51JR19Q2Lu8W2Te9oc, 3NbdrezMzAVVfXv5MTQJn4hWqKhYCTCJoB, and 34VXKa5upLWVYMXmgid6bFM4BaQXHxSUoL.
The released statement affirmed that the DPRK’s TraderTraitor-connected agents were accountable for a number of prominent international cryptocurrency thefts.
These include the theft of $60 million worth of virtual currency from Alphapo on June 22, 2023, and the theft of $37 million worth of virtual currency from CoinsPaid on June 22, 2023. Furthermore, $100 million worth of virtual currency was stolen from Atomic Wallet on June 2, 2023.
The report also mentioned that the FBI had previously provided information about the group’s attack on Harmony’s Horizon Bridge and Sky Mavis’ Ethereum-linked sidechain, Ronin Bridge.
In addition, the FBI stated that it issued a Cybersecurity Advisory regarding TraderTraitor.
The report urged all entities within the private sector to meticulously examine the blockchain data linked to the addresses above.
The report underscored the FBI’s commitment to unveiling and countering the DPRK’s engagement in illicit activities, including cybercrimes and theft of virtual currencies, which generate revenue for the regime.
In conclusion, the report implored anyone with relevant information to contact their local FBI field office or the FBI’s Internet Crime Complaint Center at ic3.gov.
Rising Concern as North Korea Cyber-Attack Threat Rises
Over the years, the North Korean hacking group has actively engaged in numerous cryptocurrency-related exploits, resulting in the theft of crypto assets valued at billions of dollars.
Moreover, there is a growing concern that cyberattacks on cryptocurrency and technology companies, orchestrated with the support of North Korea, will steadily increase in sophistication.
As stated by former CIA analyst Soo Kim, generating income for the North Korean regime through international cryptocurrency means has become a recurring practice for the nation.
In a CNN interview last year, Kim noted that people should anticipate an increase in the hackers’ methods for carrying out cryptocurrency-related attacks.
Additionally, in July 2022, a detailed exposé about North Korean hackers was shared on Twitter by The DeFi Edge.
What the Crypto Hacks Have in Common
• They tend to target bridges in Crypto
• They tend to focus on companies based in Asia, maybe because of language
• Most of the exploits start with social engineering by targeting unsuspecting employees, and getting them to open a file.
— Edgy – The DeFi Edge 🗡️ (@thedefiedge) July 7, 2022
The thread pointed out that these attacks on cryptocurrencies typically focus on vulnerable points, particularly targeting companies situated in Asia. It added that these attacks frequently commence by exploiting unsuspecting employees.
The country has been accused of being responsible for some of the most significant cyberattacks in recent cryptocurrency history. Notable instances include the $620 million breach of Axie Infinity and the $100 million breach of the Harmony protocol.
In addition, a report published by Coinclub on June 29, 2022, estimated that North Korea employs up to 7,000 full-time hackers dedicated to fundraising through cyberattacks, ransomware, and crypto-protocol breaches.