On 27th August, the U.S. government filed a lawsuit in a bid to recover over 280 BTC and ETH accounts believed to host North Korean hack funds. The presented documents did not show the hacks exchanges, but stated that two hacks were involved and took place on July 1, 2019 and September 25, 2019.
During the first hack the North Korea-based hackers were able to make away with $272,000 worth of alternative cryptocurrencies and tokens. In the second hack, they stole multiple virtual currencies worth over $2.5 million.
Hackers Used Blockchain Hopping
The United States officials stated that they used blockchain analysis to track down the 280 accounts. Court documents stated that the hackers used blockchain hopping to launder the stolen funds.
The documents also state that the North Korea hackers stole funds from one exchange and changed them to other exchanges. Through this, they gathered all funds into 280 BTC and ETH accounts that would later be tracked down and discovered.
However, the 280 accounts are currently frozen at the portals where they were set up. These accounts were frozen after the hacks by cryptocurrency exchange portals. This prevented continued transactions by the hackers and conversion into real currency which would cause all traces to be lost.
U.S. Government Reasons to Sue the North Korean Accounts
A U.N report last year said that North korea has generated over $2 Billion in cyber-attacks involving banks and cryptocurrency. The money generated is invested in weapons of mass destruction.
The U.N experts have also said that cryptocurrency exchange attacks have given North Korea a chance to generate income making it hard to track their activities. The security council has imposed sanctions on the country since 2006 in a bid to stop funding for mass destruction weapons.
Last year, the U.N president, Donald Trump met with North Korean leader, Kim Jong Un three times to discuss Pyongyang. They were asked to give up the nuclear weapons project that they were working on. Despite their agreement, North Korea was said to violate the U.N sanctions and continue with the projects even launching a missile May and July 2019.
North Korea has however denied the imposed cyber-attack allegations and dismissed them as efforts to tarnish its image
