U.S. seeks to recover $2.67 million from North Korean hacking group Lazarus as North Korean infiltrators in crypto startups are exposed


The US government recently filed charges against the North Korean hacking group Lazarus Group and is seeking to recover $2.67 million in cryptocurrency assets. The cryptocurrencies being pursued in this case include USDT and wrapped Bitcoin BTC.b on the Avalanche network. Lazarus has been known for conducting widespread cyber attacks, resulting in significant losses for numerous cryptocurrency platforms worldwide.

$1.7 Million USDT Stolen in Deribit Attack

According to legal documents filed by the U.S. government on October 4th, one portion of the funds being pursued is approximately $1.7 million in USDT. These funds originated from an attack on the cryptocurrency exchange Deribit in 2022, in which Lazarus breached Deribit's hot wallet and moved the USDT through the mixer Tornado Cash and multiple Ethereum addresses in an attempt to obfuscate the flow of funds. Note: Tornado Cash is an on-chain mixing protocol that can conceal the source of funds.

Source: PACER.

Another Source of Funds: $970,000 Stolen in BTC.b

The other stolen asset is wrapped Bitcoin (BTC.b) on the Avalanche chain, valued at approximately $970,000. These funds originated from Lazarus' intrusion into the online gambling platform Stake.com in 2023, in which Stake.com lost over $41 million. The $970,000 in BTC.b is part of the funds the hackers stole from Stake.com and then concealed.

Recent Hacking Incidents by Lazarus

  • June: Self-custodial wallet Atomic Wallet hacked, over $100 million stolen
  • July: Crypto payment platform Alphapo's hot wallet private key stolen, over $23 million stolen, and Indian exchange WazirX hacked for around $235 million
  • August: Crypto payment service CoinsPaid hacked with malicious software, around $37 million stolen

According to blockchain detective ZachXBT on Twitter, Lazarus not only hacks platforms directly but also infiltrates cryptocurrency projects under false identities, modifies their code, and steals large sums of money.

FBI Provides Response Measures to Social Engineering Attacks

  • If your device is compromised, keep it powered on and immediately disconnect it from the network, so that recoverable malicious software files are not lost.

  • Submit detailed complaints through the FBI's Internet Crime Complaint Center (IC3) at www.ic3.gov.

  • Provide law enforcement with detailed information about the incident, including screenshots of conversations with attackers and relevant data.

  • Discuss evidence collection and response measures with law enforcement, and consider assistance from cybersecurity companies if necessary.

  • Share your experience with colleagues and friends promptly to raise awareness and spread information about North Korean cyberattacks.

FBI Discloses: North Korea aggressively targets the cryptocurrency industry, using social engineering to target employees of crypto companies.