US seizes $30 million worth of stolen cryptocurrency from North Korean hackers – CNN | Jewelry Dukan



CNN

The FBI and private investigators have seized about $30 million worth of cryptocurrency stolen from a video game company in March by hackers with ties to the North Korean government, according to Chainalysis, a US firm that said it worked together with the FBI to get the stolen money back.

It’s the latest example of a concerted effort by US law enforcement to recover some of the hundreds of millions of dollars Pyongyang’s hackers have allegedly looted from cryptocurrency firms in recent months — money US officials fear is being used to fund North Korea’s nuclear weapons programs.

The recovered $30 million is a fraction of the equivalent of more than $600 million that the North Korean hackers originally stole from Sky Mavis, a company with an office in Vietnam that makes a popular video game that allows users to earn digital money, according to the FBI. But the seizure is still a breakthrough for law enforcement, and investigators are actively trying to recover some of the remaining loot, according to Erin Plante, Chainalysis’ senior director of investigations.

The FBI and Justice Department did not immediately respond to CNN’s request for comment.

“The money was frozen [by law enforcement],” Sky Mavis co-founder Aleksander Leonard Larsen told CNN. “No funds have been returned to date and we anticipate it will take some time for the community to recover the funds. Also note that all user funds have been refunded.”

The Wall Street Journal first reported on the seizure.

Hackers backed by the North Korean government have stolen the equivalent of billions of dollars by raiding cryptocurrency exchanges in recent years, according to the United Nations.

In a separate but related activity, a recent CNN investigation revealed that North Korean agents posing as other nationalities had attempted to land jobs at cryptocurrency firms in the US and abroad. US officials have publicly warned that the activity is part of an effort to generate “a critical revenue stream” that will help fund the North Korean regime’s “top economic and security priorities,” including its weapons programs.

North Korean hackers also used ransomware — malicious software that locks computers in a racketeering scheme — to target medical providers in Kansas and Colorado over the past year, according to the US Department of Justice. The department recovered half a million dollars extorted by the North Koreans in those cases, Deputy Attorney General Lisa Monaco said in July.

The US Treasury Department has attempted to crack down on North Korean cryptocurrency hackers’ attacks by sanctioning some accounts they use to transfer funds and a “mixer,” a service the hackers allegedly used to launder stolen cryptocurrency.

These actions have made it difficult for North Korean hackers to cash out the stolen funds, Plante said.

“That’s a lot of dirty money, so it’s getting harder and harder to get those funds to a service to be paid out,” Plante told CNN.

But there are still many mixing services that haven’t been sanctioned, Plante said, adding she expects the North Korean hackers to change services to try to evade US law enforcement.

For investigators, the time immediately after a hack is crucial to recover funds that the attackers are attempting to launder via cryptocurrency accounts. The FBI continues to urge victims to share information about these accounts soon after a hack is discovered to increase the chances of recovering stolen funds.

Justice Department officials in June 2021 seized about half of an estimated $4.4 million ransom payment paid to Russian-speaking hackers by Colonial Pipeline, which supplies about 45% of the fuel consumed on the East Coast.

But seizures still account for only a fraction of the billions of dollars that cybercrime makes annually. According to Chainalysis, cyber criminals received more than $1.2 billion in ransom payments combined in 2020 and 2021.

North Korean computer agents, like those of other foreign powers, are also tasked with gathering valuable intelligence for the regime, according to US officials and cybersecurity experts. Between February and July, suspected North Korean hackers were involved in a spying campaign to gather information about energy companies in the US, Japan and Canada, Talos, Cisco’s threat intelligence unit, said Thursday.
