FBI Alerts Crypto Companies: $40M Bitcoin Threat from Lazarus Group
The Federal Bureau of Investigation (FBI) has recently issued a statement warning crypto companies about an ongoing threat from the Lazarus Group, a notorious hacking group believed to have ties to the Democratic People’s Republic of Korea (DPRK). According to the FBI, the group may attempt to cash out stolen Bitcoin worth more than $40 million.
In its investigation, the FBI found that the Lazarus Group has moved approximately 1,580 BTC from various crypto heists and currently holds assets in six different wallet addresses. The group has gained notoriety for its attacks on platforms such as Sky Mavis’ Ronin Bridge and Harmony’s Horizon Bridge.
One of their recent targets was the payment processing platform Alphapo, from which they stole virtual assets on June 22, 2023. On the same day, they also carried out a $37 million theft targeting crypto payment service provider CoinsPaid. CoinsPaid’s internal investigation revealed that the hackers had spent six months tracking and studying the payment service provider and used social engineering techniques to carry out the heist. The group employed tactics and money laundering schemes similar to those used in its previous $100 million heist on Atomic Wallet.
CoinsPaid discovered that the majority of the stolen funds were withdrawn to SwftSwap as USDT tokens on the Avalanche-C blockchain. Subsequently, some of the funds were sent to the Ethereum blockchain and then transferred to the Avalanche and Bitcoin networks.
Due to these ongoing cyber threats, the FBI is urging private sector entities to thoroughly examine blockchain data associated with Lazarus Group addresses. It is crucial for parties to remain vigilant and guard against any transactions involving these addresses. The agency is committed to exposing and combating the DPRK’s use of illicit activities to generate revenue. CoinsPaid also advises entities to keep their infrastructure components updated and establish a monitoring and alerting system for any suspicious activities.
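One way to implement the address screening and alerting recommended above, as an added example that is not taken from the FBI notice or from CoinsPaid. The addresses, transaction records and the `max_hops` cutoff are constructed placeholders; the real watchlist comes from the addresses the FBI published. Address-level exposure is assumed as a deliberate over-approximation.

```python
from dataclasses import dataclass

# Placeholder watchlist: substitute the addresses published in the FBI notice.
WATCHLIST = {"WATCHED_ADDR_1", "WATCHED_ADDR_2"}

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple   # addresses spending funds
    outputs: tuple  # addresses receiving funds

def screen(txs, watchlist, max_hops=2):
    """Return [(txid, hops, reason)] for transactions exposed to the watchlist.

    hops=0: a watchlisted address is a direct party to the transaction.
    hops=n: the spending address sits n transfers downstream of one.
    txs must be in chronological order so exposure propagates forward.
    """
    exposure = {addr: 0 for addr in watchlist}  # address -> min hop distance
    alerts = []
    for tx in txs:
        src = [exposure[a] for a in tx.inputs if a in exposure]
        if src:
            hops = min(src)
            alerts.append((tx.txid, hops, "spends exposed funds"))
            # Receivers inherit exposure one hop further out, up to max_hops.
            if hops < max_hops:
                for out in tx.outputs:
                    exposure[out] = min(exposure.get(out, hops + 1), hops + 1)
        elif any(a in watchlist for a in tx.outputs):
            alerts.append((tx.txid, 0, "pays watchlisted address"))
    return alerts

# Constructed sample ledger (not real transactions), oldest first.
SAMPLE_TXS = [
    Tx("t1", ("WATCHED_ADDR_1",), ("hop_a", "WATCHED_ADDR_1")),  # direct spend
    Tx("t2", ("clean_1",), ("clean_2",)),                        # unrelated
    Tx("t3", ("hop_a",), ("hop_b",)),                            # one hop out
    Tx("t4", ("hop_b", "clean_2"), ("deposit_x",)),              # two hops out
    Tx("t5", ("deposit_x",), ("clean_3",)),                      # past cutoff
    Tx("t6", ("clean_1",), ("WATCHED_ADDR_2",)),                 # pays watchlist
]

if __name__ == "__main__":
    for txid, hops, reason in screen(SAMPLE_TXS, WATCHLIST):
        print(f"ALERT {txid}: {reason} (hops={hops})")
```

Raising `max_hops` widens coverage at the cost of more false positives, since every address that shares a transaction with exposed funds is flagged.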
In conclusion, the FBI’s warning serves as a reminder to the crypto community to remain cautious in the face of cyber threats. The Lazarus Group’s history of successful attacks and their continued efforts to exploit vulnerabilities highlight the need for enhanced security measures. Crypto companies and individuals must take proactive steps to protect their assets and stay informed about emerging risks in the ever-evolving landscape of digital currencies.