The U.S. Federal Bureau of Investigations alerted crypto companies that funds associated with North Korean hacker organizations, Lazarus Group and APT38, are on the move.

The FBI said that roughly 1,580 Bitcoin (BTC), roughly $40 million at today’s price, linked to the North Korean cyber criminals were moved over the past 24 hours.

Authorities believe that the state-affiliated groups “may attempt to cash out” their holdings.


“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the alert warned.

The press release also featured the six different Bitcoin wallets that have been flagged as purportedly belonging to the hackers.

Crypto hacks and North Korea

Both organizations have been accused of a plethora of hacks over the years.

The most recent exploit was allegedly perpetrated by the infamous Lazarus group. The group targeted Alphapo in late July, a large payment processor associated with gambling sites and e-commerce platforms.

On that occasion, they managed to get away with $60 million.


A month before the Alphapo hack, Lazarus was also charged with draining $100 million in a widely reported attack on Atomic Wallet.

The FBI also confirmed in January 2023 that North Korean hackers were likely behind last year’s $100 million hack on crypto bridge Harmony Protocol. Lazarus also made off with a breathtaking $190 million, just one month later.

Blockchain analytics company Elliptic has stated previously that the North Korean state-sponsored group is said to have stolen over $2 billion in cryptocurrency.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.