The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone.
“Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38),” the federal law enforcement agency said on Tuesday.
“The FBI believes the DPRK may attempt to cash out the bitcoin worth more than $40 million dollars.”
The statement follows an investigation that discovered the move of roughly 1,580 bitcoins stolen in previous crypto-heists to six cryptocurrency wallets.
The complete list of wallets linked to this activity includes the following Bitcoin addresses:
Cryptocurrency companies are advised to analyze the blockchain data linked to these addresses and exercise caution in preventing transactions involving them, both directly and indirectly.
“The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime,” the FBI said on Tuesday.
The warning comes on the heels of a recent TRM Labs report linking North Korean-backed hacking groups to the theft of more than $2 billion worth of crypto assets in the last five years as part of more than 30 attacks.
According to the same report, since the start of 2023, crypto heists linked to North Korea have led to losses of more than $200 million.
The FBI previously pinned the breach of Axie Infinity’s Ronin network bridge on Lazarus Group attackers, the largest cryptocurrency hack in history in which the hackers stole a record-breaking $620 million worth of Ethereum.
Lazarus was also linked to attacks targeting Harmony Horizon, Alphapo, CoinsPaid, and Atomic Wallet (among other firms providing crypto-related services), leading to reported losses of over $235 million.
Last month, GitHub warned of Lazarus attacks targeting developer accounts at blockchain, cryptocurrency, online gambling, and cybersecurity companies.