TraderTraitor attempts to offload $40M to fund Kim Jong Un’s Pretzel Habit
The U.S. Federal Bureau of Investigation (FBI) issued a cautionary statement on Tuesday, warning of potential attempts by North Korean-linked threat actors to liquidate over $40 million in stolen cryptocurrency.
The warning focuses on a group known as TraderTraitor, alternatively referred to as Jade Sleet, which the U.S. government has been closely monitoring. The FBI’s investigation revealed that TraderTraitor had moved approximately 1,580 bitcoin, amassed from various cryptocurrency heists, within the last 24 hours. These funds are currently distributed across six different digital wallets.
North Korea Can’t Decide Whether It Is a Lame Hacking Group or a Country
North Korea’s cyber activities often straddle the boundaries between cyber warfare, espionage, and financial crime. TraderTraitor, in particular, has been implicated in a string of attacks aimed at blockchain and cryptocurrency exchanges. Their objective: to pilfer digital assets and generate illicit revenue for the economically isolated North Korean nation. Among the high-profile heists linked to TraderTraitor are the thefts of $60 million in virtual currency from Alphapo, $37 million from CoinsPaid, and a staggering $100 million from Atomic Wallet, all occurring in June 2023. The group is also believed to have targeted Sky Mavis’ Ronin Network and Harmony Horizon Bridge in the previous year.
Other Related APT Activities
Interestingly, TraderTraitor’s activities seem to intersect with those of another North Korean group, APT38, also known as BlueNoroff or Stardust Chollima. This group is part of the larger Lazarus constellation of cyber threat actors. Last month, Google-owned cybersecurity firm Mandiant linked TraderTraitor to UNC4899, a hacking group believed to be behind the JumpCloud hack in late June 2023. Blockchain intelligence firm TRM Labs has compiled data suggesting that North Korean hackers have pilfered over $2 billion in cryptocurrencies since 2018, through a series of 30 attacks.
In 2023 alone, they reportedly stole $200 million. In light of these findings, the FBI urged private sector entities to scrutinize the blockchain data associated with these addresses and remain vigilant against transactions directly with, or derived from, these addresses.