Key Takeaways
An FBI report issued a warning regarding six crypto wallets suspected to belong to the Democratic People’s Republic of Korea (also known as North Korea). Federal agents tracked stolen crypto which landed in wallets belonging to infamous hacking groups known as Lazarus Group and APT38.
“The FBI is warning cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea (DPRK) TraderTraitor-affiliated actors (also known as Lazarus Group and APT38),” states the report.
“The FBI believes the DPRK may attempt to cash out the bitcoin worth more than $40 million dollars.”
“The FBI investigation found the TraderTraitor-affiliated actors moved approximately 1,580 bitcoin from several cryptocurrency heists and are currently holding those funds in the following bitcoin addresses:
[six bitcoin addresses listed in the FBI report]”
The US government has been keeping close tabs on the DPRK and Lazarus for a while.
Bill Hughes, a former Associate Deputy Attorney General and attorney at ConsenSys, tweeted on recent government regulation bills that aim to tackle crypto hacks and scams by requiring personal information to be saved on crypto wallets.
“Sens. Reed, Rounds, Warner, and Romney draft bill proposed to clarify the applicability of sanctions and anti-money laundering compliance obligations to United States persons in the decentralized finance technology sector and virtual currency kiosk operators, and for other purposes.”
“My first take, which you should take with a grain of salt because it’s based off of 30-60 min with new statutory language, but it’s a doozy! And you can thank Lazarus, the DPRK, the #crypto ecosystem’s inability to keep them from running roughshod, and the intelligence community’s alarm about the whole thing (as guided by Ben McKenzie of course, (jk)), and the growing concern among lawmakers on Capitol Hill.”
Then again, Hughes takes a cynical view of how things will play out with Lazarus.
“Unless Lazarus magically disappears tomorrow, whether because they move on to hacking drones or AI, or because Kim Jong Un has a change of heart and drops the whole Communist Dystopia thing, then some legislation in the US that seeks to solve for a growing national security problem WILL probably, eventually get enough support to go through. And the risk that something squeaks through on a must-approve vehicle goes up as the status quo progresses.”
A report by TRM Insights states that “North Korean hackers have stolen over USD 2 billion in cryptocurrencies in over 30 attacks.”
However, the report also states that the total amount stolen in cryptocurrency attacks in 2023 is lower than in the prior year.
According to TRM, “North Korea exploits vulnerabilities in the crypto ecosystem in a variety of ways including through phishing and supply chain attacks, and through infrastructure hacks which involve private key or seed phrase compromises.”
Furthermore, “North Korea conducted the largest cryptocurrency hack on record, stealing USD 625 million from Ronin Bridge in March 2022 using stolen private keys.”
TRM and Hughes did not immediately respond to a request for comment.
The proposed Crypto-Asset National Security Enhancement and Enforcement (CANSEE) Act would require wallet holders to register personal information to be tracked by the government in case of mishaps.
According to a government press release, “the CANSEE Act would end special treatment for DeFi by applying the same national security laws that apply to banks and securities brokers, casinos and pawn shops, and even other cryptocurrency companies like centralized trading platforms.
That means DeFi services would be forced to meet basic obligations, most notably to maintain AML programs, conduct due diligence on their customers, and report suspicious transactions to FinCEN.
These requirements will close an attractive avenue for money laundering that has been routinely exploited over the past several months by the North Korean government, Chinese chemicals manufacturers, Mexican drug cartels, cybercriminals, ransomware attackers, scammers, and a host of other bad actors.”