The United States government has filed two legal complaints to recover over $2.67 million in digital assets stolen by the North Korean Lazarus Group. The notorious hacking collective is linked to multiple crypto thefts, including attacks on Deribit and Stake.com.
US Moves to Seize $2.67 Million in Crypto
Last week, the US government filed a lawsuit to recover digital assets worth more than $2.67 million that the North Korean Lazarus Group had stolen.
The lawsuits aim to recoup $1.7 million in Tether (USDT) linked to the Deribit hack of 2022, which caused the options exchange to lose $28 million in value. The hackers had funnelled the stolen assets through Tornado Cash and Ethereum addresses to obscure their movements.
The second lawsuit concerns roughly $970,000 in Avalanche-bridged Bitcoin (BTC.b) taken during a 2023 attack on Stake.com that cost the site $41 million. These actions are part of a larger attempt by US law enforcement to thwart the plans of the North Korean state-sponsored collective known as the Lazarus Group.
Lazarus Group’s Long-Built Reputation as Hackers
The Lazarus Group is well known for its lengthy history of cyberattacks on cryptocurrency networks. Microsoft published a patch earlier this year to fix a zero-day vulnerability in Windows that the gang had been using.
According to CYFIRMA, the hacking gang is behind several high-profile hacks, including the theft of $235 million in cryptocurrency assets from Indian exchange WazirX, CNBC reported.
Furthermore, a report published in August 2024 by on-chain detective ZachXBT revealed how North Korean developers had used fictitious identities to get access to over 25 crypto projects. These developers were able to steal money and exploit project code, raising worries about the group’s growing use of cyber techniques.
The US Federal Bureau of Investigation (FBI) issued a series of warnings about the Lazarus Group in September 2024, cautioning against their use of social engineering tactics in crypto-related attacks. This marked the latest in a series of escalating alerts regarding the group’s activities, as they continue to exploit vulnerabilities in the digital finance ecosystem.