FBI: Attributes Spike of Cryptocurrency Thefts to Lazarus

Category: Threat Actor Activity | Industry: Financial | Source: FBI

The FBI has issued a warning to cryptocurrency companies regarding a surge in blockchain activity linked to the theft of substantial cryptocurrency amounts. Recent investigation efforts by the FBI have closely monitored cryptocurrency stolen by the Democratic People's Republic of Korea (DPRK) TraderTraitor-affiliated actors, also recognized as Lazarus Group and APT38. The FBI further cautions that DPRK actors might attempt to "cash out the bitcoin worth more than $40 million dollars." In the FBI's advisory, six cryptocurrency addresses were found to be used in the actors' heists of roughly 1,580 bitcoins.

Activity attributed to DPRK actors is frequently associated with cryptocurrency theft, aimed at generating monetary gains and revenue. The FBI highlights "several high-profile international cryptocurrency heists" attributed to the DPRK which include "the $60 million theft of virtual currency from Alphapo on June 22, 2023; the $37 million theft of virtual currency from CoinsPaid on June 22, 2023; and the $100 million theft of virtual currency from Atomic Wallet on June 2, 2023. The FBI also released advisories on attacks against Harmony’s Horizon Bridge and Sky Mavis from the DPRK.