Home / News / Internet / FBI says North Korean hackers planning to cash out after high-profile crypto hacks

FBI says North Korean hackers planning to cash out after high-profile crypto hacks

The U.S. government believes North Korean hackers are preparing to cash out millions of dollars stolen in high-profile crypto hacks.

On Tuesday, the FBI warned cryptocurrency companies about blockchain activity related to the theft of hundreds of millions of dollars in cryptocurrency by the North Korea-backed Lazarus Group, also known as APT38 and “TraderTraitor.”

During the past 24 hours, the FBI tracked 1,580 Bitcoin worth over $40 million that North Korean hackers are holding in six crypto wallets. The FBI reported “several” cryptocurrency heists that stole these funds.

The June theft of virtual currency from Atomic Wallet involved hackers compromising 5,500 customer wallets to steal over $100 million. Elliptic, a blockchain analysis firm, previously said it had “high level of confidence” that the Lazarus Group was behind the attack and that the stolen crypto assets were laundered using “a series of steps that exactly match those employed to launder the proceeds of past hacks perpetrated by Lazarus Group.”

The FBI also accused Lazarus Group hackers of stealing $60 million from AlphaPo and $37 million from CoinsPaid.

A July post-mortem by CoinsPaid, which was shut down for four days, suspected Lazarus Group of the attack.

The wallet provider also confirmed that hackers contacted CoinsPaid employees via LinkedIn with high-paying job offers, a common North Korean tactic, to download malware-laced JumpCloud software. North Korean hackers breached JumpCloud to target cryptocurrency customers, which multiple cybersecurity firms linked to Lazarus Group.

The FBI advised that North Korean hackers will cash out $40 million in stolen funds in the coming days. Crypto organizations should review FBI-shared blockchain data on six Bitcoin addresses and “be vigilant in guarding against transactions directly with, or derived from the addresses.”

The FBI said it would expose and combat the DPRK’s use of cybercrime and virtual currency theft to generate revenue. Crypto thefts fund North Korea’s internationally sanctioned nuclear weapons program.

Lazarus Group was also linked to another crypto exchange hack, the theft of $100 million from Harmony’s Horizon Bridge and $625 million from the Ronin Network, an Ethereum-based sidechain for the popular play-to-earn game Axie Infinity.

Blockchain intelligence company TRM Labs reported that North Korean hackers stole almost $2 billion in cryptocurrency over 30 attacks since 2018, including almost $1 billion in 2022. According to the report, Lazarus Group has stolen $200 million in 2023, 20% of all stolen crypto.

The U.S. is offering $10 million for information on state-sponsored North Korean threat groups, including the Lazarus Group.

About Chambers

Check Also

With an eye on AI, Amazon adds Andrew Ng to its board. Former MTV executive McGrath will step down

If what corporate boards of directors do can show where a company wants to focus, …