FBI Ties $40 Million in Stolen Crypto to North Korea

The FBI says a hacker group with ties to North Korea may try to sell $40 million in stolen bitcoin.

“Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38),” the agency said in a news release Tuesday (Aug. 22).

The FBI says the group was behind a number of “high-profile” crypto heists recently, including the $100 million theft of virtual currency from Atomic Wallet on June 2.

The agency says it determined that “TraderTraitor-affiliated actors” moved about 1,580 bitcoin from several heists and are holding those funds at these bitcoin addresses:

  • 3LU8wRu4ZnXP4UM8Yo6kkTiGHM9BubgyiG
  • 39idqitN9tYNmq3wYanwg3MitFB5TZCjWu
  • 3AAUBbKJorvNhEUFhKnep9YTwmZECxE4Nk
  • 3PjNaSeP8GzLjGeu51JR19Q2Lu8W2Te9oc
  • 3NbdrezMzAVVfXv5MTQJn4hWqKhYCTCJoB
  • 34VXKa5upLWVYMXmgid6bFM4BaQXHxSUoL

“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the release added.

Earlier this year, a report by the United Nations said North Korea stole a record amount of cryptocurrency assets in 2022, targeting the networks of aerospace and defense companies.

The UN claims North Korea used “increasingly sophisticated cyber techniques both to gain access to digital networks involved in cyber finance, and to steal information of potential value, including to its weapons programs.”

The report — compiled by independent sanctions monitors — cites estimates from South Korea that hackers connected to its neighboring country pilfered $630 million in crypto last year, while a cybersecurity company put the figure at north of $1 billion.

That’s in keeping with a report from blockchain data firm Chainalysis, which found that North Korean hackers stole $1.7 billion in 2022.

“The crypto industry has historically suffered from the perception that its anonymous and decentralized technical architecture provides a haven for money laundering and other illicit activities around the globe,” PYMNTS wrote after Chainalysis released its findings.

Last week saw reports that the crypto lender Exactly Protocol suffered a hack that led to the loss of as much as $12 million.

The decentralized credit market, which operates on the Optimism network, was targeted by a bridge exploit to move deposits to Optimism, before moving the stolen funds back to Ethereum.