The Federal Bureau of Investigation has published information on six cryptocurrency wallets operated by North Korean hackers and believed to be holding stolen funds.
The cryptocurrency addresses, the FBI says, hold roughly 1,580 Bitcoin that are likely related to the recent theft of cryptocurrency assets worth hundreds of millions of dollars.
“Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38). The FBI believes the DPRK may attempt to cash out the bitcoin worth more than $40 million dollars,” the FBI says.
According to the agency, TraderTraitor-affiliated hackers stole $60 million and $37 million in cryptocurrency from Alphapo and CoinsPaid in July, and $100 million from Atomic Wallet in June.
Previously, the hackers stole crypto assets in attacks against Harmony’s Horizon bridge and Sky Mavis’ Ronin Bridge.
“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the FBI says.
In April 2023, the US government warned that the North Korea-linked Lazarus Group, which has been blamed for numerous high-profile cyberattacks, was targeting entities and exchanges in the blockchain and cryptocurrency industry to generate and launder funds.
Based on the shared indicators of compromise associated with this campaign, which the US government named TraderTraitor, GitHub linked North Korea to social engineering attacks targeting employees at technology firms in July.
North Korean hackers were also blamed for the July cyberattack on JumpCloud, for the 3CX hack, and for the AppleJeus operation.
Related: US, South Korea Detail North Korea’s Social Engineering Techniques
Related: US Sanctions North Korean University for Training Hackers
Related: North Korean Hackers Target Mac Users With New ‘RustBucket’ Malware
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
