Security News

US Sues North Korean Hackers to Recover $2.7M in Stolen Cryptocurrency

The US Government is suing North Korean hackers in order to obtain access to 280 virtual currency accounts containing more than $2.7 million.

The lawsuit involves two separate hacks, the first occurring in July 2019, when it's alleged that a virtual currency exchange was hacked by actors tied to North Korea and $272,000 worth of alternative cryptocurrencies and tokens were stolen.

The second attack took place in September 2019, when it's alleged the same hackers accessed a US-based company and stole $2.5 million from, among others, its virtual currency wallets.

These monies were then allegedly converted into Bitcoin (BTC) - a process known as 'chain hopping', intended to obscure the transaction path - and laundered via Chinese over-the-counter (OTC) cryptocurrency traders.

However, while the identity of a Bitcoin address owner is generally anonymous, this isn't always the case.

"Law enforcement can identify the owner of a particular (Bitcoin) address by analyzing the blockchain," state the court documents. "The analysis can also reveal additional addresses controlled by the same individual or entity."

This wasn't the first time the US Government had encountered the Chinese OTC actors. In March this year, the US Government filed a forfeiture action alleging that $250 million in cryptocurrency was stolen by North Korean hackers and laundered by the same group of actors.

"Today’s action publicly exposes the ongoing connections between North Korea’s cyber-hacking program and a Chinese cryptocurrency money laundering network,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division.

Adding to this, Special Agent in Charge Steven Cagen of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (HSI) Denver, stated: "As North Korea becomes bolder and more desperate in their efforts to steal money using sophisticated money laundering techniques, HSI will continue to apply pressure by exposing their fraudulent transactions."
