The Federal Bureau of Investigation (FBI) has identified six Bitcoin wallets associated with Lazarus, a hacking organization supported by the North Korean government. The six wallets contain 1,580 Bitcoin valued at $40 million.
In its investigation, the FBI discovered that the Lazarus group transferred approximately 1,580 BTC using multiple cryptographic exploits. These funds are currently located at the addresses listed below.
The FBI cautioned crypto companies that the movement of funds linked to the notorious North Korean hacking group could indicate that the hackers are preparing to sell.
The federal investigation agency advised crypto companies to watch for the six BTC wallets and use blockchain data to monitor any fund transfers.
“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses.”
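The check the advisory describes, screening for funds received directly from, or derived from, a watched address, can be sketched as a hop-limited walk over transaction data. This is an added example, not code from the FBI notice or the article; the watchlist entries, the sample ledger, the function names and the three-hop limit are all constructed assumptions.

```python
from collections import deque

# Constructed placeholders; substitute the addresses from the notice you are screening against.
WATCHLIST = {"WATCHED_ADDR_1", "WATCHED_ADDR_2"}

# Constructed sample ledger: (txid, sending addresses, receiving addresses).
SAMPLE_TXS = [
    ("tx1", ["WATCHED_ADDR_1"], ["hop_a"]),
    ("tx2", ["hop_a"], ["hop_b", "change_a"]),
    ("tx3", ["hop_b"], ["exchange_deposit_1"]),
    ("tx4", ["clean_user"], ["exchange_deposit_2"]),
    ("tx5", ["WATCHED_ADDR_2"], ["exchange_deposit_3"]),
]


def exposure(txs, watchlist, max_hops=3):
    """Map each address reachable from the watchlist to (hops, txid path).

    Assumption: every receiver of a transaction with a flagged sender is
    treated as flagged, which over-approximates rather than misses.
    """
    outgoing = {}
    for txid, senders, receivers in txs:
        for sender in senders:
            outgoing.setdefault(sender, []).append((txid, receivers))
    found, seen = {}, set(watchlist)
    queue = deque((addr, 0, []) for addr in sorted(watchlist))
    while queue:
        addr, hops, path = queue.popleft()
        if hops == max_hops:
            continue  # stop following funds past the hop budget
        for txid, receivers in outgoing.get(addr, []):
            for receiver in receivers:
                if receiver not in seen:
                    seen.add(receiver)
                    found[receiver] = (hops + 1, path + [txid])
                    queue.append((receiver, hops + 1, path + [txid]))
    return found


def screen_deposit(address, txs=SAMPLE_TXS, watchlist=WATCHLIST, max_hops=3):
    """Classify an address as watchlisted, direct, derived or clear."""
    if address in watchlist:
        return "watchlisted"
    hit = exposure(txs, watchlist, max_hops).get(address)
    if hit is None:
        return "clear"
    return "direct" if hit[0] == 1 else "derived"
```

The returned transaction path is what an analyst would attach to a hold or escalation, since it shows how the deposit links back to the watched address.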
The North Korean cyber group has participated in multiple crypto-related exploits over the years, stealing crypto assets worth billions of dollars.
According to a recent report by TRM Labs, North Korean hackers have seized nearly $2 billion in cryptocurrency since 2018. The group was most active in 2022, stealing almost $1 billion of crypto assets.
The Lazarus group has been identified as the mastermind behind the attack on Harmony’s Horizon Bridge and the $625 million attack on Sky Mavis’ Ethereum-linked sidechain Ronin Bridge in 2021.
Although exploits of code vulnerabilities in crypto platforms and protocols have increased as these hackers’ methods have grown more sophisticated, blockchain technology still makes it difficult for exploiters to launder or transfer their illicit gains, because the public ledger enables tracking of the movement of funds.
In the past, law enforcement agencies such as the FBI and crypto companies have collaborated to block funds associated with such exploits.
Huobi and Binance froze crypto assets worth $1.4 million attributed to North Korea in early February. Similarly, crypto exchanges suspended $63 million worth of assets related to the Harmony Bridge hack.