Blockonome Gnome

U.S. Moves to Seize Millions from North Korean Hackers

Legal complaints target over $2.67 million in digital assets stolen by the infamous Lazarus Group, highlighting ongoing cyber threats.



The United States government has escalated its battle against North Korean cybercrime with the filing of two legal complaints on October 4, aiming to seize more than $2.67 million in digital assets stolen by the notorious Lazarus Group. The legal actions focus on recovering funds from high-profile hacks that have plagued the crypto sector, exposing vulnerabilities and raising alarms over the persistent threat of North Korean cyber operations.


The Lazarus Group, a state-backed hacking collective, has been linked to numerous cyberattacks targeting digital currencies. In one of the cases highlighted in the recent filings, the U.S. government seeks to reclaim approximately $1.7 million in Tether (USDT) that the group allegedly stole during the 2022 hack of Deribit, a major options exchange. That breach, which drained the exchange of $28 million, involved sophisticated maneuvers to obscure the trail of stolen funds.


According to the complaint, after gaining access to Deribit’s hot wallet, the hackers funneled the stolen assets through Tornado Cash, a crypto mixer designed to obfuscate transactions, before dispersing them across several Ethereum addresses. This tactic was aimed at avoiding detection and complicating efforts to trace the illicit activity.


The second complaint addresses approximately $970,000 in Avalanche-bridged Bitcoin (BTC.b) stolen during a 2023 attack on the Stake.com gambling platform. The assault left Stake with over $41 million in losses, adding to the long list of high-value crypto heists linked to the Lazarus Group.


These two cases represent just a fraction of the Lazarus Group’s extensive hacking activities. Onchain investigators believe the group was also behind the July 2024 breach of WazirX, an India-based crypto exchange, which resulted in a staggering $235 million loss. Such incidents illustrate the ongoing threat posed by North Korean cyber operatives to global cryptocurrency markets.


The Lazarus Group’s activities go beyond headline-grabbing exchange hacks. An investigation published on August 15 by onchain analyst ZachXBT revealed an intricate web of North Korean developers embedded in at least 25 different cryptocurrency projects. Using false identities, these developers allegedly infiltrated projects to manipulate code and drain digital treasuries. ZachXBT’s findings suggest that all of these developers are likely operating under the direction of a single entity, further solidifying the suspicion that these efforts are state-coordinated.


In response to these continued threats, the FBI issued a series of warnings throughout September, cautioning businesses and individuals about the deceptive tactics employed by the Lazarus Group. Among these were alerts about social engineering scams in which hackers posed as recruiters offering fake job opportunities. These schemes involved building rapport with targets before persuading them to download malware disguised as job application materials, leading to data theft or unauthorized access to digital assets.


The coordinated actions by U.S. law enforcement, including the recent asset seizure efforts, underline the government's determination to disrupt the Lazarus Group’s operations. The legal filings are part of broader efforts to recover stolen assets and deter future attacks, aiming to hold North Korean hackers accountable while protecting the integrity of digital asset markets.


Despite the challenges, the U.S. government’s move to reclaim millions from these sophisticated cybercriminals signals a commitment to securing the evolving landscape of digital finance. As hackers continue to exploit the anonymity and borderless nature of cryptocurrencies, international cooperation and robust cybersecurity measures will be essential in the ongoing fight against crypto-enabled cybercrime.

