North Korean cybercriminals are the prime suspects in a recent cryptocurrency heist involving the theft of a substantial $35 million. Cybersecurity analysts shared this assessment with CNN on Tuesday, pointing to telltale signs in the tactics and techniques used in the attack.
The victim of the heist, Atomic Wallet, a widely-used cryptocurrency service based in Estonia, reportedly suffered a breach in customer accounts over the weekend. While the company has acknowledged the incident, stating that it impacted “less than 1%” of its monthly users, it has yet to comment on the total losses incurred or identify the culprits.
The aftermath of the incident has seen victims appealing directly to the thieves on Twitter, hoping for some semblance of mercy. They’ve posted their cryptocurrency addresses and pleaded for the return of their stolen funds.
Although the total amount stolen remains unconfirmed, independent cryptocurrency analyst ZachXBT, suspects it might exceed $35 million, as Atomic Wallet continues to conduct its investigation.
“We’re seeing some striking similarities between this and previous attacks attributed to North Korean hackers,” he told CNN. “This includes the Harmony case earlier this year, which involved laundering of around $100 million.”
Indeed, Pyongyang-linked cybercrime has been an increasing concern, with North Korean hackers allegedly responsible for siphoning billions of dollars from banks and cryptocurrency firms over recent years. Some reports, including those from the United Nations, suggest this illicit activity is a significant revenue source for the isolated North Korean regime.
The US administration is well aware of the potential national security implications. A White House official shared last month that nearly half of North Korea’s missile program funding could be traced back to these cybercrime activities.
In response to this evolving threat landscape, the Biden administration is shifting its focus toward strengthening defenses against these cyber-attacks and curtailing money laundering activities. As part of this initiative, it is partnering with allies and private companies globally to increase the resilience of the financial system and disrupt the resources flowing into North Korea’s missile program.
Meanwhile, the FBI has been alerted about the Atomic Wallet hack and is expected to join the ongoing investigation. The goal is to uncover the culprits, track the stolen funds, and prevent future incidents of this nature.