After a series of high-profile cryptocurrency heists, a state-sponsored North Korean malicious hacking group is poised to cash out millions of dollars.

That's the opinion of the FBI, which this week has warned cryptocurrency companies about recent blockchain activity it has observed connected to the theft of hundreds of millions of cryptocurrency in recent months.

The FBI says that the notorious North Korean-backed Lazarus Group is behind a series of recent attacks, including:

• June 22 2023 - The theft of $60 million worth of virtual currency from Alphapo.
• June 22 2023 - The theft of $37 million worth of virtual currency from CoinsPaid.
• June 2 2023 - The theft of $100 million worth of cryptocurrency from Atomic Wallet.

CoinsPaid previously described how Lazarus Group criminals spent months learning about its staff and structure, before posing as recruiters on LinkedIn to trick workers into installing boobytrapped software.

The FBI says that North Korea may now attempt to cash out more than $40 million worth of Bitcoin, and has urged cryptocurrency companies to guard against transactions involving six Bitcoin addresses:

• 3LU8wRu4ZnXP4UM8Yo6kkTiGHM9BubgyiG
• 39idqitN9tYNmq3wYanwg3MitFB5TZCjWu
• 3AAUBbKJorvNhEUFhKnep9YTwmZECxE4Nk
• 3PjNaSeP8GzLjGeu51JR19Q2Lu8W2Te9oc
• 3NbdrezMzAVVfXv5MTQJn4hWqKhYCTCJoB
• 34VXKa5upLWVYMXmgid6bFM4BaQXHxSUoL

According to its press release, "the FBI will continue to expose and combat the DPRK’s use of illicit activities — including cybercrime and virtual currency theft — to generate revenue for the regime."

Last year the FBI linked the Lazarus Group (also known as APT38 and TraderTraitor) to the cyberattack of Harmony Bridge ($100 million stolen) and the blockchain-based Axie Infinity game (a staggering $620 million worth of cryptocurrency stolen).

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.