FBI names cryptocurrency funds stolen by infamous Lazarus Group


The infamous Lazarus hackers linked with North Korea may soon attempt to cash out stolen bitcoin worth more than $40 million, the US Federal Bureau of Investigation (FBI) says.

In a press release, the FBI warned legitimate cryptocurrency companies of recent blockchain activity connected to the theft of hundreds of millions of dollars in cryptocurrency. It seems that the infamous Lazarus Group is trying to move stolen funds.

The FBI said on Tuesday that it had tracked cryptocurrency previously stolen by the Lazarus Group, also known as TraderTraitor-affiliated actors and APT38. The criminal group is sometimes also called Hidden Cobra and is a hacker unit believed to be backed by Pyongyang.

North Korea allegedly has 6,000 hackers and uses them for financial gain, as well as intelligence gathering. Experts say that Lazarus Group deploys highly sophisticated methods to retrieve money and intelligence from its targets.

The FBI now says its investigation found that Lazarus Group moved approximately 1,580 bitcoin from several cryptocurrency heists and is currently holding those funds in six bitcoin addresses, which the Bureau listed in its press release.

Lazarus Group is responsible for quite a few high-profile crypto heists recently. On a single day in June 2023, the North Korean hackers stole $60 million of virtual currency from Alphapo, and $37 million from CoinsPaid, an Estonian crypto payment platform. Atomic Wallet also lost $100 million of virtual currency that same month.

Lazarus Group’s previous crypto heists resulted in tens or even hundreds of millions of dollars in losses.

For example, they’ve managed to snatch $721 million worth of cryptocurrency assets from Japan since 2017, grabbed $625 million worth of cryptocurrencies from the Ronin exchange, and more recently stole $64 million related to the Harmony blockchain hack.

“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the Bureau said.

“The FBI will continue to expose and combat the DPRK’s use of illicit activities – including cybercrime and virtual currency theft – to generate revenue for the regime.”

The US government keeps track of how much money North Korea might have raised through cyberattacks worldwide.

The August 2019 UN Security Council 1718 Committee Panel of Experts report estimated that North Korea had attempted to steal as much as $2 billion, of which $571 million is attributed to cryptocurrency theft.