U.S. Government Targets Stolen Crypto Assets from North Korean Hackers

On October 4, 2024, the U.S. government took legal steps to recover over $2.67 million in digital assets that were allegedly pilfered by North Korea's Lazarus Group.

The action targets approximately $1.7 million in Tether (USDT), linked to a 2022 hack of the Deribit exchange, which suffered losses totaling $28 million.

Following the breach, the hackers funneled the stolen funds through Tornado Cash and multiple Ethereum wallets to obscure their trail. Additionally, the government is pursuing around $970,000 in Avalanche-bridged Bitcoin (BTC.b) stolen during the Lazarus Group’s attack on Stake.com in 2023, which resulted in over $41 million in damages.

The Lazarus Group has been connected to numerous cyberattacks, including the July 2024 hack of WazirX, where about $235 million was taken. A report by onchain analyst ZackXBT highlighted a network of North Korean developers infiltrating at least 25 cryptocurrency projects, using fake identities to exploit vulnerabilities and steal assets.

In response to the group’s activities, the FBI issued warnings in September 2024 regarding scams involving false job offers, where unsuspecting users were tricked into downloading malware disguised as employment documents, leading to potential data breaches.