"The Justice Department today filed a civil forfeiture complaint detailing two hacks of virtual currency exchanges by North Korean actors," said an Aug. 27 statement from the U.S. Department of Justice, or DoJ. "These actors stole millions of dollars’ worth of cryptocurrency and ultimately laundered the funds through Chinese over-the-counter (OTC) cryptocurrency traders." The hackers allegedly utilized 280 different digital asset accounts.
March 2020 saw details of a 2019 legal case surface, in which two Chinese nationals allegedly hijacked piles of crypto assets totaling $250 million. This ordeal appears to be connected with the present day news, the DoJ statement said, noting North Korean parties at fault in relation to the 2019 case.
A hacking scheme from North Korea, matched with a crypto-based money laundering ring in China, form a drawn out web of connected activity, Brian Rabbitt, a U.S. Justice Department brass explained.
“Despite the highly sophisticated laundering techniques used, IRS-CI’s Cybercrimes Unit was able to successfully trace stolen funds directly back to North Korean actors,” Don Fort, chief of the IRS' criminal investigatory branch, IRS-CI, explained. The statement included a number of other quotes from various government agencies involved in the case.
An alleged hacker with North Korean affiliation breached a crypto exchange for $270,000 in altcoins, passing the assets through a plethora of wallets, often exchanging the them for other coins and tokens, including BTC and USDT, based on a July 2019 complaint noted in the DoJ's Aug. 27 statement.
September 2019 also yielded similar action as a North Korean character allegedly breached a crypto business in the U.S., as well as its partner entities. "The hacker stole nearly $2.5 million and laundered it through over 100 accounts at another virtual currency exchange," the statement said, noting the two hacks combined with those from the March 2020 headline called on the same over-the-counter players in China to hide their actions.
"The infrastructure and communication accounts used to further the intrusions and fund transfers were also tied to North Korea," the statement added.
UPDATE Aug. 27, 21:06 UTC: This article has been updated.