The recent surge in blockchain activity linked to the theft of millions in digital currency has prompted the Federal Bureau of Investigation (FBI) to issue a stark warning to cryptocurrency firms. The DPRK’s TraderTraitor group, also known as Lazarus Group and APT38, is suspected of orchestrating the heists, with approximately 1580 stolen Bitcoins, valued at over $40m, traced by the FBI between Monday and Tuesday.
The hackers, believed to be behind major crypto heists such as a $60m hit on Alphapo, a $37m breach of CoinsPaid, and a $100m theft from Atomic Wallet, have been attributed to North Korean actors. Tom Kellermann, SVP of cyber strategy at Contrast Security, highlighted that North Korea has been pillaging crypto exchanges for the past two years to fund its nuclear missile program. He emphasized the need for crypto exchanges to invest in API security, as they are highly vulnerable to application attacks.
In a press release, the FBI urged private sector entities to be vigilant and scrutinize blockchain data to prevent transactions connected to the theft. The agency emphasized the importance of guarding against transactions directly with, or derived from, the addresses mentioned in the release. The FBI remains committed to countering DPRK’s cybercrime efforts and encouraged anyone with relevant information to contact their local FBI office or use the Internet Crime Complaint Center (IC3).
The rise in cyber-attacks targeting cryptocurrency firms underscores the need for enhanced security measures within the industry. As North Korean actors continue to exploit vulnerabilities in crypto exchanges, it is crucial for businesses to prioritize API security and proactive monitoring of blockchain data. By remaining vigilant and cooperating with law enforcement agencies, the industry can mitigate the risks associated with digital currency theft and protect against malicious actors.