
$2.67 Million in Illicit Funds Seized From North Korean Hackers by US Government

Key Points:

  • The U.S. government is pursuing $2.67 million in cryptocurrency tied to North Korean hacker group Lazarus, linked to major hacks of Deribit and Stake.com.
  • The hackers used crypto mixers like Tornado Cash and Bitcoin bridges to obscure their stolen assets.

U.S. officials have provided more information on how North Korean hackers launder stolen cryptocurrency as they attempt to recover $2.67 million in digital assets from two of the largest hacks.


U.S. Goes After North Korea Hackers in Bid to Seize $2.67 Million in Crypto

Most recently, the U.S. Attorney for the District of Columbia filed two forfeiture actions to seize funds traced to the Lazarus Group, a North Korean hacking syndicate that has carried out hacks against the crypto and financial sectors.

The first forfeiture complaint targets approximately $1.7 million worth of Tether (USDT) connected with Lazarus's $28 million hack of crypto options exchange Deribit in November 2022. According to investigators, the group used the crypto mixer Tornado Cash to muddy the digital trail of the stolen funds.

After accessing Deribit’s hot wallet server, the North Korean hackers first converted the stolen assets to Ethereum and then laundered them using Tornado Cash, eventually converting them to USDT on the Tron blockchain. This series of actions was traced by law enforcement authorities, who successfully froze $1.7 million worth of USDT across five wallets.

The second forfeiture action targets $971,000 in Avalanche-bridged Bitcoin from the group’s $41 million hack of online crypto casino Stake.com. The Lazarus Group laundered the funds in a multi-stage process: converting the hacked assets into BTC, passing the BTC through the mixing services Sinbad and Yonmix, and converting it back to stablecoins such as USDT.

North Korean Hackers Suspected in Multiple High-profile Cyber Attacks

The Lazarus Group has become infamous in both the crypto space and wider financial markets. The two attacks on Deribit and Stake.com were part of a larger pattern of cybercrime attributed to the group.

Investigators also suspect North Korean hackers of being involved in the hack of the WazirX exchange last July, which saw $235 million lost.

Harold
