
The U.S. Federal Bureau of Investigation (FBI) has uncovered a plot involving hackers attempting to cash out more than $40 million in stolen funds through six Bitcoin addresses. The FBI issued an advisory urging caution among crypto companies and cautioning against transactions directly or indirectly involving the identified addresses. The hackers behind this scheme are believed to be affiliated with the North Korea-backed Lazarus Group, also known as APT38 and “TraderTraitor.”
The FBI tracked around 1,580 Bitcoin, valued at over $40 million, in six separate crypto wallets over the past 24 hours. These funds were reportedly stolen during multiple cryptocurrency heists. The advisory stated:
“The FBI is warning cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38).”
The hackers, affiliated with the Lazarus Group, have been linked to several high-profile international cryptocurrency thefts, including the $60 million theft from Alphapo, the $37 million theft from CoinsPaid, and the $100 million theft from Atomic Wallet, all occurring in June 2023.
The FBI encouraged private sector entities to thoroughly examine blockchain data linked to the identified hackers’ addresses and exercise vigilance in avoiding transactions involving those addresses. The FBI vowed to continue addressing and countering North Korea’s use of illicit activities, such as cybercrime and virtual currency theft, for generating revenue.
According to a report by blockchain intelligence company TRM Labs, North Korean hackers have stolen nearly $2 billion in cryptocurrency since 2018 across more than 30 attacks. The Lazarus Group, responsible for these actions, has reportedly stolen around $200 million in 2023 alone, constituting over 20% of all crypto stolen this year.