US Moves to Forfeit 280 Cryptocurrency Accounts Linked to North Korean Hacks

The U.S. Department of Justice (DOJ) has announced a major civil forfeiture complaint targeting 280 cryptocurrency accounts tied to North Korean cyberattacks. These accounts, linked to two high-profile hacks of virtual currency exchanges, highlight the growing sophistication of North Korean actors in exploiting digital assets to launder stolen funds.

The DOJ’s action reflects a coordinated effort to combat cyber threats and illicit financial activities that undermine U.S. national security and global financial stability.

The Hacks: North Korea’s Growing Cyber Threat

Hack 1: July 2019 Incident

A North Korea-associated hacker infiltrated a virtual currency exchange, stealing over $272,000 in alternative cryptocurrencies and tokens, including:

• Proton Tokens
• PlayGame Tokens
• IHT Real Estate Protocol Tokens

The stolen assets were laundered through:

• Multiple intermediary wallets.
• Conversion into Bitcoin (BTC), Tether (USDT), and other cryptocurrencies via a process called chain hopping to obscure the transaction path.

Hack 2: September 2019 Incident

A U.S.-based company was targeted in a related attack, with the hacker gaining access to:

• Virtual currency wallets.
• Funds held on partner platforms.
• Nearly $2.5 million in stolen funds laundered across more than 100 accounts at another exchange.

Laundering Through Chinese OTC Networks

The DOJ alleges that the stolen funds from these and other incidents were laundered by a group of Chinese over-the-counter (OTC) cryptocurrency traders. These actors used sophisticated laundering techniques, including:

• Multiple transfers across intermediary accounts.
• Integration with other virtual currency exchanges.

Despite these efforts, U.S. law enforcement agencies were able to trace the transactions back to North Korean actors.

The U.S. Government’s Response

1. Civil Forfeiture Complaint

The DOJ has filed a complaint to seize the 280 cryptocurrency accounts involved in laundering activities. This action is part of a broader strategy to disrupt North Korea’s attempts to finance its regime through cybercrime.

2. Previous Actions

This complaint follows a March 2020 forfeiture action targeting $250 million in stolen cryptocurrency linked to other North Korean hacks.

3. Multilateral Efforts

The DOJ’s move is supported by:

• IRS Criminal Investigation (IRS-CI): Traced funds to North Korean actors.
• FBI: Targeted the flow of illicit finance globally.
• Homeland Security Investigations (HSI): Exposed North Korea’s fraudulent financial transactions.

Statements from Key Officials

Brian C. Rabbitt, Acting Assistant Attorney General:

“This case underscores the department’s ongoing commitment to counter the threat presented by North Korean cyber hackers by exposing their criminal networks and tracing and seizing their ill-gotten gains.”

John C. Demers, Assistant Attorney General:

“Although North Korea is unlikely to stop trying to pillage the international financial sector, actions like these send a powerful message to the private sector and foreign governments.”

Michael R. Sherwin, Acting U.S. Attorney for the District of Columbia:

“This complaint reveals the incredible skill of our Cryptocurrency Strike Force in tracing and seizing virtual currency, which criminals previously thought to be impossible.”

How Cryptocurrency Was Used in the Hacks

North Korean hackers leveraged the decentralized and pseudonymous nature of cryptocurrencies to:

1. Obfuscate Transactions: By hopping across different cryptocurrencies and platforms, they masked their activities.
2. Exploit Weak Security: Targeting exchanges and companies with vulnerabilities to steal funds.
3. Launder Stolen Assets: Using OTC networks to integrate funds into the global financial system.

The Implications of the Forfeiture Action

1. Disrupting North Korean Funding

Seizing the 280 accounts hampers North Korea’s ability to use stolen cryptocurrency to support its regime and illicit activities.

2. Strengthening Cybersecurity

The case emphasizes the need for robust cybersecurity measures at cryptocurrency exchanges and other financial platforms.

3. Global Cooperation

The DOJ’s action highlights the importance of collaboration between governments and the private sector to combat cybercrime.

Challenges in Addressing Cybercrime

While the DOJ’s efforts are commendable, addressing cybercrime in cryptocurrency presents unique challenges:

1. Pseudonymity

Cryptocurrency transactions can be traced on blockchains, but identifying the individuals behind them is often difficult.

2. Jurisdictional Issues

Cybercriminals often operate across borders, complicating enforcement actions.

3. Advanced Techniques

The use of techniques like chain hopping and mixer services makes tracing stolen funds increasingly complex.

Conclusion: A Strong Stand Against Cyber Threats

The U.S. government’s move to forfeit 280 cryptocurrency accounts linked to North Korean hacks sends a clear message: cybercriminals will face consequences. This case underscores the importance of leveraging advanced investigative techniques to trace and disrupt illicit activities in the cryptocurrency space.

As the global financial system becomes more digitized, collaborative efforts between governments, private companies, and law enforcement agencies will be crucial in safeguarding national security and financial stability.

To learn more about the innovative startups shaping the future of the crypto industry, explore our article on latest news, where we delve into the most promising ventures and their potential to disrupt traditional industries.