Suspected North Korean hackers on Monday moved 12 bitcoin, worth about $140,000, from one of 280 accounts the U.S. Department of Justice (DoJ) has targeted for seizure.
“One of the inputs of this transaction has been listed by the U.S. government as forfeited. It is unclear who made the transaction,” Whale Alert tweeted, attaching a DoJ civil forfeiture complaint of August 27.
In the complaint, the DoJ alleges that the accounts were used by the North Korean government to launder almost $3 million worth of cryptocurrency stolen in two separate hacks in 2019. The U.S government alleges that such funds are used to help Pyongyang undermine sanctions and sponsor its development of weapons of mass destruction.
“The forfeited address is possibly a Huobi deposit address that received 2.97069728 BTC a few days ago. The address was swept today [Aug. 31] together with deposits made by other users,” Whale Alert further tweeted.
The DoJ complaint says the two crypto heists occurred on July 1, 2019, and September 25, 2019, prejudicing unidentified exchanges of $272,000 worth of altcoins and tokens and more than $2.5 million worth of multiple virtual currencies, respectively.
U.S. investigators said hackers used a technique known as “chain hopping”, whereby one form of cryptocurrency is transferred into another, to cover their tracks. Chinese over-the-counter traders are accused of helping to launder the funds.
“Despite the highly sophisticated laundering techniques used, IRS-CI’s Cybercrimes Unit was able to successfully trace stolen funds directly back to North Korean actors,” Internal Revenue (IRS) Criminal Investigation chief Daniel Fort said.
The 280 addresses are frozen because of the investigation, with exchanges cooperating so that the stolen funds are not converted to fiat and lost forever.
The UN previously reported that North Korea has made $2 billion from cyberattacks.