7th June 2023 – (Pyongyang) North Korean hackers are believed to be behind the theft of at least $35 million from a popular cryptocurrency service, according to multiple crypto-tracking experts who spoke with CNN on Tuesday. The hackers drained the cryptocurrency accounts of certain customers of Atomic Wallet, an Estonia-based company that claims five million users of its software. Atomic Wallet has not specified how much money might have been stolen or who was behind the hack. It claimed that “less than 1%” of monthly users appeared to have been affected by the attack. Some of the victims of the hack took to Twitter to plead with the hackers for their money back, posting their cryptocurrency addresses in case the hackers took pity on them.
This is the latest in a string of hacks of cryptocurrency firms linked to Pyongyang that US officials worry could be used to fund the North Korean regime’s nuclear and ballistic weapons programs. North Korean hackers have reportedly stolen billions of dollars from banks and cryptocurrency firms over the last several years, providing a key source of revenue for the regime, according to reports from the United Nations and private firms.
In the Atomic Wallet incident, the hackers’ money-laundering techniques and the tools they used matched telltale North Korean behavior, according to London-based crypto-tracking firm Elliptic. An independent cryptocurrency tracker known as ZachXBT told CNN that North Korean hackers were very likely responsible. The amount of confirmed theft could rise above $35 million as Atomic Wallet continues to investigate the incident, the analyst said.
The pattern is similar to what was seen with the laundering of Harmony funds back in January, noted ZachXBT, referring to the laundering of $100 million stolen from a California-based firm that the FBI blamed on North Korea. Private investigators and South Korean intelligence operatives were able to recover a fraction of that money.