Serviceteam IT Security News

The United States is trying to forfeit 280 cryptocurrency accounts tied to cyber-attacks on two virtual currency exchanges, which were allegedly perpetrated by North Korean threat actors.

According to a civil forfeiture complaint filed by the Justice Department yesterday, malicious actors stole millions of dollars’ worth of cryptocurrency and ultimately laundered the funds through Chinese over-the-counter (OTC) cryptocurrency traders. 

The complaint alleges that in July 2019, an actor tied to North Korea hacked a virtual currency exchange and stole over $272,000 worth of cryptocurrencies and tokens, including Proton Tokens, PlayGame tokens, and IHT Real Estate Protocol tokens.  

Stolen funds were converted into other forms of cryptocurrency in a process known as chain hopping to obfuscate the money trail. The currency was then laundered through several intermediary addresses and other virtual currency exchanges. 

It is further alleged that the hacker stole nearly $2.5m from a US company’s virtual currency wallets in September 2019, then laundered it through over 100 accounts at another currency exchange.

The complaint follows related criminal and civil actions announced by the department in March this year regarding the theft of $250m in cryptocurrency through other exchange hacks by North Korean actors.

“Today’s action publicly exposes the ongoing connections between North Korea’s cyber-hacking program and a Chinese cryptocurrency money laundering network,” said Acting Assistant Attorney General Brian Rabbitt of the Justice Department’s Criminal Division. 

Assistant Attorney General John Demers of the Justice Department’s National Security Division said that while the forfeiture of the accounts could bring some relief to victims, it would do nothing to stop North Korea from committing cybercrimes against the financial industry. 

“Today, prosecutors and investigators have once again exemplified our commitment to attribute national security cyber-threats, to impose costs on these actors, and bring some measure of relief to victims of malicious cyber activities,” said Demers yesterday.

“Although North Korea is unlikely to stop trying to pillage the international financial sector to fund a failed economic and political regime, actions like those today send a powerful message to the private sector and foreign governments regarding the benefits of working with us to counter this threat.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!