The FBI is warning that North Korean hackers may be selling Bitcoin worth $40 million
The FBI has issued a statement warning the cryptocurrency sector to be on the lookout for potentially illicit Bitcoin transactions with ties to the Democratic People’s Republic of Korea (DPRK).
According to the FBI, the bad guys are “TraderTraitor-affiliated actors,” also known as Lazarus Group or APT38. The FBI saw a large transaction involving around 1,580 bitcoins during the last day, with a market value of over $40 million. The DPRK’s possible preparations to sell off these assets have the Bureau very worried.
There has been a string of high-profile heists that have jolted the crypto industry, and these latest occurrences are revealing the details. Notable losses include $100 million through an exploit of Atomic Wallet and $60 million from payment processor Alphapo. Both events took place in June of 2023, suggesting that whoever committed them did so deliberately.
Already, previous breaches had captured the attention of the world. Losses from the Horizon Bridge breach, which exceeded $100 million, were traced back to the same organizations by the FBI last year.
Additionally, industry leaders in cybersecurity and communities throughout the world have been stressing the need to take precautions to protect sensitive data online. Palo Alto Networks CEO Nikesh Arora recently told CNBC that companies “needed to beef up and modernize their systems” to protect themselves against cybercriminals.
The loss of $625 million from the Ethereum-linked sidechain Ronin Bridge, which the FBI revealed with its cybersecurity alert on TraderTraitor, is another sharp reminder of the severity of this problem.
In response to these cyber dangers, the sector has shown resilience and cooperation. Exchanges and other crypto companies banded together to prevent Lazarus from transferring $63 million tied to the Horizon Bridge last year.
The FBI has so far identified six unique Bitcoin addresses that were used to transfer the stolen funds. To protect themselves against transactions that include or are generated from these addresses, they recommend that “private sector entities examine the blockchain data associated with these addresses and be vigilant.”