FBI Identifies North Korean Hacking Group’s Stolen BTC Wallets

The United States Federal Bureau of Investigation (FBI) has identified six Bitcoin wallets associated with Lazarus, a hacking organization supported by the North Korean government.

The six wallets contain 1,580 BTC valued at $40 million that is believed to have been stolen in numerous hacks of cryptocurrencies over the past year.

In its investigation, the FBI discovered that Lazarus Group moved approximately 1,580 BTC in connection with multiple crypto exploits. These funds are currently located at the addresses listed below.

• 3LU8wRu4ZnXP4UM8Yo6kkTiGHM9BubgyiG
• 39idqitN9tYNmq3wYanwg3MitFB5TZCjWu
• 3AAUBbKJorvNhEUFhKnep9YTwmZECxE4Nk
• 3PjNaSeP8GzLjGeu51JR19Q2Lu8W2Te9oc
• 3NbdrezMzAVVfXv5MTQJn4hWqKhYCTCJoB
• 34VXKa5upLWVYMXmgid6bFM4BaQXHxSUoL

The FBI cautioned crypto companies that the movement of funds linked to the notorious North Korean hacking group could be an indication that the hackers are preparing to sell.

“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses.”

The federal investigation agency advised crypto companies to keep an eye out for the six BTC wallets and to use blockchain data to monitor any fund transfers.

The North Korean cyber group has participated in multiple crypto-related exploits over the years, stealing crypto assets worth billions of dollars.

According to a recent report by TRM Labs, North Korean hackers have seized nearly $2 billion in cryptocurrency since 2018. The group was at its most active in 2022, stealing nearly $1 billion worth of crypto assets.

Lazarus Group was identified as the mastermind behind Harmony’s Horizon Bridge and Sky Mavis’ $625 million attack on the Ethereum-linked sidechain Ronin Bridge in 2022.

Despite an increase in crypto-linked exploits due to code vulnerabilities in platforms and protocols as a result of the sophistication of these hackers’ methods, the public ledger of blockchain technology makes it difficult for exploiters to launder or transfer their illicit gains.

Multiple times in the past, law enforcement agencies such as the FBI and crypto companies have collaborated to block funds associated with such exploits.

In early February of this year, Huobi and Binance froze crypto assets worth $1.4 million attributed to North Korea. Similarly, crypto exchanges suspended $63 million worth of assets related to the Harmony Bridge hack.