The United States Justice Department accused two North Koreans of cryptocurrency theft through two hacks of virtual currency exchanges.
According to department documents, the two perpetrators stole millions of dollars’ worth of cryptocurrency. They ultimately laundered the funds through Chinese over-the-counter (OTC) cryptocurrency traders.
The complaint follows criminal and civil proceedings in March 2020 related to the theft of $250 million in cryptocurrencies through other exchange hacks by North Korean parties.
“Today’s action publicly exposes the ongoing connections between North Korea’s cyber-hacking programme and a Chinese cryptocurrency money laundering network,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division regarding the theft.
“This case underscores the department’s ongoing commitment to counter the threat presented by North Korean cyber hackers by exposing their criminal networks and tracing and seizing their ill-gotten gains,” he added.
For his part, Chief of IRS Criminal Investigation (IRS-CI) Don Fort said that IRS-CI’s Cybercrimes Unit was able to successfully trace stolen funds directly back to North Koreans.
Details of the hacks
The forfeiture complaint details two related hacks of virtual currency exchanges, the Justice Department stated.
It clarified in its complaint that a perpetrator tied to North Korea hacked a virtual currency exchange in July 2019. The hacker allegedly stole over $272,000 worth of alternative cryptocurrencies and tokens. The theft included Proton Tokens, PlayGame tokens, and IHT Real Estate Protocol tokens. Over the subsequent months, he laundered the funds through several intermediary addresses and other virtual currency exchanges. In many instances, the hacker converted the cryptocurrency into BTC, Tether, or other forms of cryptocurrency – a process known as “chain hopping” – in order to obfuscate the transaction path. As detailed in the pleadings, law enforcement were nonetheless able to trace the funds, despite the sophisticated laundering techniques used.
Moreover, in September 2019, a related hack targeted a US-based company. The North Korea-associated hacker gained access to the company’s virtual currency wallets, funds held by the company on other platforms, and funds held by the company’s partners. The hacker stole nearly $2.5 million and laundered it through over 100 accounts at another virtual currency exchange, the filing added.
According to the filing, one group of Chinese OTC traders allegedly laundered the funds from all of the hacks mentioned. The filing also showed accounts and fund transfers tied to North Korea.
According to Enterprise Times, the court filing also revealed the movements of cryptocurrencies from CoinTiger. There are over ten exchanges implicated either through having cryptocurrencies stolen or being used to launder the stolen tokens. At least one of those exchanges, Algo Capital, is based in the US. It experienced the theft of Algorand (ALGO) tokens and Tether (USDT) stablecoins when its CTO, Pablo Yabo, had his phone hacked.