The Federal Bureau of Investigation (FBI) has issued a strong warning to cryptocurrency firms regarding a surge in blockchain activity associated with the theft of millions in digital currency.
The DPRK’s TraderTraitor group, also known as Lazarus Group and APT38, is suspected of being behind these heists. The FBI has recently traced approximately 1,580 stolen bitcoin, valued at over $40 million, which may soon be cashed out by North Korean actors.
These hackers have been linked to several major crypto heists, including a $60 million hit on Alphapo, a $37 million breach of CoinsPaid, and a $100 million theft from Atomic Wallet.
Tom Kellermann, SVP of cyber strategy at Contrast Security, commented on the situation, stating, “North Korea has been pillaging crypto exchanges for the past two years. Their nuclear missile program is funded by the proceeds of cybercrime. The regime has benefited from tech transfer from their Russian comrades, and as a result, they have dramatically improved their cybercrime capabilities. Crypto exchanges are highly vulnerable to application attacks, particularly against their APIs. Crypto exchanges must invest in API security.”
In a press release published on Tuesday, the FBI urged private sector entities to be vigilant and to scrutinize blockchain data to prevent transactions connected to the theft. It advised, “Private sector entities should examine the blockchain data associated with [the] addresses [mentioned in the release] and be vigilant in guarding against transactions directly with, or derived from, the addresses.”
The agency reaffirmed its commitment to countering DPRK’s cybercrime efforts, stating, “The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime.”
Individuals with relevant information are encouraged to contact their local FBI office or use the Internet Crime Complaint Center (IC3).

