News

US Sues North Korean Hackers to Recover $2.7M in Stolen Cryptocurrency

Giulio Saggin
Giulio Saggin
Tuesday 28 November 2023

The US Government is suing North Korean hackers in order to obtain access to 280 virtual currency accounts containing more than $2.7 million.

The lawsuit involves two separate hacks, the first occurring in July, 2019, when it's alleged that a virtual currency exchange was hacked by actors tied to North Korea and $272,000 worth of alternative cryptocurrencies and tokens were stolen.

The second attack took place in September 2019, when it's alleged the same hackers accessed a US-based company and stole $2.5 million from, among others, its virtual currency wallets.

These monies were then allegedly converted into Bitcoin (BTC) - a process known as 'chain hopping', intended to obscure the transaction path - and laundered via Chinese over-the-counter (OTC) cryptocurrency traders.

However, while the identity of a Bitcoin address owner is generally anonymous, this isn't always the case.

"Law enforcement can identify the owner of a particular (Bitcoin) address by analyzing the blockchain," state the court documents. "The analysis can also reveal additional addresses controlled by the same individual or entity."

This wasn't the first time the US Government had encountered the Chinese OTC actors. In March this year, the US Government filed a forfeiture action alleging that $250 million in cryptocurrency was was stolen by North Korean hackers and laundered by the same group of actors.

"Today's action publicly exposes the ongoing connections between North Korea’s cyber-hacking program and a Chinese cryptocurrency money laundering network,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division.

Adding to this, Special Agent in Charge Steven Cagen of U.S. Immigration and Customs Enforcement’s Homeland Security Investigations (HSI) Denver, stated: "As North Korea becomes bolder and more desperate in their efforts to steal money using sophisticated money laundering techniques, HSI will continue to apply pressure by exposing their fraudulent transactions."

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203