Plans by hackers to cash out over $40 million in stolen funds through six Bitcoin addresses have been exposed by the United States Federal Bureau of Investigation (FBI).
In an advisory it issued on Tuesday, the federal bureau cautioned crypto companies to be observant against transactions directly emanating, or derived from the addresses of the hackers it provided.
The bureau urged all crypto firms to examine the blockchain data associated with those addresses.
According to the FBI, the hackers are affiliated with the North Korea-backed Lazarus Group, also referred to as APT38 and “TraderTraitor.”
The North Korean hackers are presently holding approximately 1,580 Bitcoin, worth more than $40 million in six different crypto wallets, that were stolen during numerous cryptocurrency thefts, the FBI stated.
Part of the advisory read:
“The FBI is warning cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38). The FBI believes the DPRK may attempt to cash out the bitcoin worth more than 40 million dollars.
“The DPRK TraderTraitor-affiliated actors were responsible for several high-profile international cryptocurrency heists including the $60 million theft of virtual currency from Alphapo on June 22, 2023; the $37 million theft of virtual currency from CoinsPaid on June 22, 2023; and the $100 million theft of virtual currency from Atomic Wallet on June 2, 2023.
“The FBI previously provided information on their attacks against Harmony’s Horizon bridge and Sky Mavis’ Ronin Bridge and provided a Cybersecurity Advisory on TraderTraitor.”
“The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime,” it added.
Since 2018, North Korean hackers have stolen almost $2 billion in cryptocurrency over more than 30 attacks. This sum includes almost $1 billion stolen in 2022 alone, reports TRM Labs, a blockchain intelligence company.
The report further noted that so far in 2023, the Lazarus Group is responsible for over 20% of all stolen crypto this year, approximately $200 million.