US Court Seizes 279 North Korea Crypto Accounts as Hackers Use New Malware

US Court orders seizure of 279 crypto accounts tied to North Korea. North Korea uses new malware, "Durian," to bypass sanctions. Funds from hacks support North Korea's nuclear programs.

Justice Timothy Kelly of the US District Court for the District of Columbia has ordered the seizure of 279 crypto accounts linked to North Korean operatives.

This action intensifies the battle against international money laundering and nuclear proliferation.

North Korean Crypto Hackers Use New Malware

The decision follows a series of US actions to disrupt the financial networks facilitating North Korea’s illicit activities. Initiated by the US government in August 2020, this case involved actors linked to North Korea transferring stolen crypto to exchanges and unhosted wallets outside the US.

These sophisticated operations obscure the origins of stolen currencies and convert them into hard cash, helping North Korea skirt sanctions.

In response, Washington has toughened its stance by sanctioning crypto mixers, services that make tracing the origins of stolen funds difficult. However, North Korean cybercrime groups have skillfully evaded US and international sanctions by devising new laundering methods.

These activities are part of a broader pattern of cyber heists targeting cryptocurrency exchanges. For instance, a single heist alone netted almost $250 million after an unwitting employee downloaded malware. This malware gave attackers remote access to manage virtual funds privately.

Moreover, in a recent report, cybersecurity firm Kaspersky described Durian as a tool for remote control and data theft. The malware cleverly utilizes legitimate security software used by crypto firms, thus enhancing its effectiveness and stealth.

“With the help of Durian, first, the North Korean hackers introduced additional malware named ‘AppleSeed’, an HTTP-based backdoor commonly employed by the Kimsuky group. Furthermore, they incorporated legitimate tools, including ngrok and Chrome Remote Desktop, along with a custom proxy tool, to access target machines. Ultimately, the actor implanted the malware to pilfer browser-stored data, including cookies and login credentials,” Kaspersky explained.

Additionally, the United Nations has reported that between 2017 and 2023, North Korea amassed about $3 billion from crypto hacks. These funds significantly support Pyongyang’s weapons programs, including its nuclear and missile development efforts.

Crypto Funds Hacked by North Korea. Source: Chainalysis

According to a UN panel of experts, this funding is critical as it represents nearly half of North Korea’s foreign currency revenue.

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.