- Funds were stolen by Lazarus Group and APT38, both affiliated with TraderTraitor
- The FBI has identified the Bitcoin addresses holding the stolen assets
The FBI is warning cryptocurrency firms of recent blockchain activity linked to the theft of hundreds of millions of dollars in cryptocurrency, according to an August 22 blog post on its website.
In the 24 hours preceding the announcement, the FBI tracked cryptocurrency stolen by malicious entities from the Democratic People’s Republic of Korea (DPRK). Specifically, these entities are Lazarus Group and APT38, both of which are affiliated with TraderTraitor.
The FBI believes they could try to cash out stolen Bitcoin worth more than $40 million.
FBI identified the addresses holding the funds
Investigators determined the TraderTraitor-affiliated entities had moved around 1,580 BTC stolen in several exploits and were currently holding the funds in the following Bitcoin addresses:
The DPRK entities associated with TraderTraitor were responsible for the following high-profile international crypto exploits:
· $37 million stolen from CoinsPaid on June 22 this year
· $60 million stolen from Alphapo on June 22 this year
· $100 million stolen from Atomic Wallet on June 2 this year
Earlier, the FBI reported data on attacks against Axie Infinity’s Ronin Bridge and Harmony’s Horizon Bridge and provided a Cybersecurity Advisory on TraderTraitor. In March last year, gaming-focused Ronin Network announced a loss equivalent to more than $625 million in ether and USDC. It was one of the largest crypto hacks in history. Lazarus Group was believed to be behind the attack.
Private sector encouraged to inspect blockchain data
The FBI urges private sector entities to inspect the blockchain data linked to the above addresses and try to prevent transactions directly associated with the addresses or derived from them.
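One way to implement the screening the FBI recommends, as an added example that is not from the FBI notice or the original article: it traces a deposit's inputs backward and separates funds sent directly from a watched address from funds derived from one further upstream. The ledger, transaction IDs and address strings are constructed placeholders, and the function name `screen` and the `max_hops` limit are assumptions.

```python
from collections import deque

# Constructed placeholders; in practice load the addresses from the FBI notice.
WATCHLIST = {"WATCHED_ADDR_A", "WATCHED_ADDR_B"}

# Constructed sample ledger: txid -> inputs as (previous txid, output index)
# and outputs as the receiving address for each index.
LEDGER = {
    "tx0": {"inputs": [], "outputs": ["WATCHED_ADDR_A", "WATCHED_ADDR_B"]},
    "tx1": {"inputs": [("tx0", 0)], "outputs": ["hop1_addr", "change_addr"]},
    "tx2": {"inputs": [("tx1", 0)], "outputs": ["hop2_addr"]},
    "tx3": {"inputs": [("tx2", 0)], "outputs": ["exchange_deposit_1"]},
    "tx4": {"inputs": [("tx0", 1)], "outputs": ["exchange_deposit_2"]},
    "tx9": {"inputs": [], "outputs": ["clean_addr"]},
    "tx10": {"inputs": [("tx9", 0)], "outputs": ["exchange_deposit_3"]},
}


def screen(txid, ledger, watchlist, max_hops=5):
    """Classify a transaction's exposure to watched addresses.

    Returns ("direct", 1) if an input is spent from a watched address,
    ("derived", n) if a watched address funded it n hops upstream, or
    ("clear", None) if nothing is found within max_hops.
    """
    queue = deque([(txid, 1)])  # breadth-first, so the first hit is the nearest
    seen = {txid}
    while queue:
        current, hops = queue.popleft()
        for prev_txid, vout in ledger[current]["inputs"]:
            prev = ledger.get(prev_txid)
            if prev is None:
                continue  # funding transaction is outside our data set
            sender = prev["outputs"][vout]  # address that owned the spent output
            if sender in watchlist:
                return ("direct" if hops == 1 else "derived", hops)
            if hops < max_hops and prev_txid not in seen:
                seen.add(prev_txid)
                queue.append((prev_txid, hops + 1))
    return ("clear", None)


if __name__ == "__main__":
    for tx in ("tx3", "tx4", "tx10"):
        print(tx, screen(tx, LEDGER, WATCHLIST))
```

A low `max_hops` misses funds that were moved through intermediate addresses first, while a high one flags increasingly distant and diluted funds, so derived hits are best routed to manual review.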
The US law enforcement agency will keep making efforts to expose and combat North Korean cybercriminals’ use of illegal activities to generate revenue for the country’s communist government. These activities include cybercrime and theft of digital currency.
According to Bankless Times data, North Korea extracted nearly $400 million worth of digital assets through attacks on crypto platforms in 2021.