FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers

The Federal Bureau of Investigation (FBI) has issued a stark warning to cryptocurrency firms regarding a surge in blockchain activity linked to the theft of hundreds of millions in digital currency. 

The DPRK’s TraderTraitor group, also known as Lazarus Group and APT38, is suspected of orchestrating the heists. Between Monday and Tuesday, the FBI traced approximately 1580 stolen Bitcoins, valued at over $40m, which may soon be cashed out by North Korean actors.

The hackers were reportedly responsible for major crypto heists, including a $60m hit on Alphapo, a $37m breach of CoinsPaid and a $100m theft from Atomic Wallet. 

“North Korea has been pillaging crypto exchanges for the past two years. Their nuclear missile program is funded by the proceeds of cybercrime,” commented Tom Kellermann, SVP of cyber strategy at Contrast Security.

“The regime has benefited from tech transfer from their Russian comrades, and as a result, they have dramatically improved their cybercrime capabilities. Crypto exchanges are highly vulnerable to application attacks, particularly against their APIs. Crypto exchanges must invest in API security.”

In a press release published on Tuesday, the FBI urged private sector entities to stay vigilant and to scrutinize blockchain data in order to prevent transactions connected to the theft.

“Private sector entities should examine the blockchain data associated with [the] addresses [mentioned in the release] and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the FBI advised.
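The screening the FBI describes, sketched as an added example that is not part of the original article or the FBI release: a hop-bounded trace that labels a deposit as having direct or derived exposure to a watchlist. The addresses, transfers and function names are constructed placeholders, and the address-to-address transfer model is a simplification of Bitcoin's multi-input, multi-output transactions.

```python
from collections import deque

# Placeholder watchlist: the real addresses are in the FBI release, not on this page.
WATCHLIST = {"WATCHLISTED_ADDR_1", "WATCHLISTED_ADDR_2"}

# Constructed sample transfers: (sender, receiver, txid).
TRANSFERS = [
    ("WATCHLISTED_ADDR_1", "hop_a", "tx1"),
    ("hop_a", "hop_b", "tx2"),
    ("hop_b", "exchange_deposit_7", "tx3"),
    ("clean_user", "exchange_deposit_9", "tx4"),
    ("WATCHLISTED_ADDR_2", "exchange_deposit_3", "tx5"),
    ("hop_b", "hop_c", "tx6"),
    ("hop_c", "hop_d", "tx7"),
    ("hop_d", "exchange_deposit_5", "tx8"),
]

def trace_exposure(transfers, watchlist, max_hops=3):
    """Map each address reachable from the watchlist within max_hops
    to (hop count, list of txids on the shortest path)."""
    outgoing = {}
    for sender, receiver, txid in transfers:
        outgoing.setdefault(sender, []).append((receiver, txid))
    exposure = {addr: (0, []) for addr in watchlist}
    queue = deque(sorted(watchlist))
    while queue:
        addr = queue.popleft()
        hops, path = exposure[addr]
        if hops == max_hops:
            continue  # stop expanding at the hop limit
        for receiver, txid in outgoing.get(addr, []):
            if receiver not in exposure:  # BFS: first visit is the shortest path
                exposure[receiver] = (hops + 1, path + [txid])
                queue.append(receiver)
    return exposure

def screen_deposit(deposit_address, transfers, watchlist, max_hops=3):
    """Return (verdict, hops, txid path) for funds arriving at deposit_address."""
    exposure = trace_exposure(transfers, watchlist, max_hops)
    if deposit_address not in exposure:
        return ("clear", None, [])
    hops, path = exposure[deposit_address]
    return ("direct" if hops == 1 else "derived", hops, path)
```

The hop limit is a policy choice: in the sample data `exchange_deposit_5` screens as clear at three hops but as derived at five, so a short limit misses funds moved through longer chains. The trace also ignores amounts and timing, which a production screen would weigh.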

The agency said it remains committed to countering DPRK’s cybercrime efforts: “The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime.”

Anyone with relevant information is urged to contact their local FBI office or use the Internet Crime Complaint Center (IC3).
