The U.S. Department of Justice filed a lawsuit on Thursday seeking to seize funds from 280 accounts across a variety of cryptocurrency networks, all of which are tied to past attacks by alleged North Korean attackers.
Court documents released alongside a press statement show that the government's investigation dates back to 2018 and centered on a string of attacks on crypto exchanges in South Korea. The court documents also mention "U.S.-based company focused on the Algorand blockchain," alluding to the attack on Algo Capital, an investment firm that lost $1.9 million to the assailants (the DOJ press statement states that "nearly $2.5 million" was stolen).
According to prosecutors, the stolen funds were laundered using a series of unnamed cryptocurrency exchanges as well as over-the-counter (OTC) traders based in China.
“Today’s action publicly exposes the ongoing connections between North Korea’s cyber-hacking program and a Chinese cryptocurrency money laundering network,” Acting Assistant Attorney General Brian Rabbitt said in a statement. “This case underscores the department’s ongoing commitment to counter the threat presented by North Korean cyber hackers by exposing their criminal networks and tracing and seizing their ill-gotten gains.”
The court documents (embedded below) include detailed flow charts for each of the thefts, breaking down the flow of money as it moved from the attack targets to the laundering points.
The Department of Justice release also alluded to the existence of a "Cryptocurrency Strike Force," which Acting U.S. Attorney Michael Sherwin credited with playing a key role in the investigations.
“This complaint reveals the incredible skill of our Cryptocurrency Strike Force in tracing and seizing virtual currency, which criminals previously thought to be impossible," said Sherwin.
Earlier Thursday, the Department of Homeland Security issued a notice about the actions of a North Korea-tied group known as the BeagleBoyz, which it blamed for past crypto exchange attacks.