US DOJ Seeks to Seize $15M in USDT Tied to North Korean Hackers

The US Department of Justice is transferring to seize greater than $15 million in USDT linked to North Korean hackers, a part of a broader effort to disrupt Pyongyang’s rising dependence on crypto theft and illicit IT work to fund its sanctioned packages.

The motion, introduced Friday, consists of two civil forfeiture complaints covering $15.1 million in Tether stolen throughout a sequence of 2023 assaults attributed to North Korea’s Advanced Persistent Threat 38 (APT38), a state-backed hacking unit identified for concentrating on world crypto companies.

FBI Seeks to Forfeit Seized USDT Tied to 2023 Crypto Hacks

Federal investigators traced the digital belongings to funds stolen from 4 digital foreign money platforms in 2023.

The FBI initially seized the USDT in March 2025 and is now searching for court docket approval to completely forfeit the belongings to allow them to be returned to victims.

The DOJ didn’t determine the particular hacked platforms, although its timeline aligns carefully with a number of main incidents that 12 months, together with the $100 million Poloniex breach in November 2023, the $37 million CoinsPaid hack that July, the Alphapo payments attack, which the DOJ estimates at roughly $100 million, and one other November 2023 theft of about $138 million from a Panama-based trade.

The DOJ has not confirmed which of those instances fall underneath the forfeiture actions.

According to the announcement, North Korean operatives continued to launder stolen funds by means of a patchwork of mixers, cross-chain bridges, crypto exchanges, and OTC brokers.

“Efforts to hint, seize, and forfeit associated stolen digital foreign money stay ongoing, because the APT38 actors proceed to launder such funds,” the DOJ mentioned.

US DOJ SEIZES MORE N. KOREA-LINKED CRYPTO

The Justice Department recovered one other $15M from North Korean crypto heists as its crackdown intensifies. pic.twitter.com/udWxTRNd9T

— Coin Bureau (@coinbureau) November 15, 2025

The enforcement push doesn’t cease on the hackers. The DOJ additionally revealed it secured responsible pleas from 5 people who helped North Korea infiltrate US firms by means of fraudulent distant IT work, a scheme that has turn into a central income stream for Pyongyang.

Four US residents, together with Audricus Phagnasay (24), Jason Salazar (30), Alexander Paul Travis (34), and Erick Ntekereze Prince (38), admitted to wire fraud conspiracy after offering their identities to North Korean IT employees and permitting company-issued laptops to be operated from inside their properties.

The setup was designed to make it seem these employees have been based mostly in the United States, giving them entry to US company networks.

Ukrainian Pleads Guilty to Selling Stolen U.S. Identities to North Korea

In a separate plea, Ukrainian nationwide Oleksandr Didenko admitted to wire fraud conspiracy and aggravated identification theft.

He stole US residents’ identities and offered them to North Korean IT operatives, serving to them safe roles at 40 firms. Didenko agreed to forfeit greater than $1.4 million.

In complete, the schemes touched 136 US firms, generated greater than $2.2 million for the North Korean authorities, and compromised over 18 Americans’ identities.

Officials have repeatedly warned that North Korean IT employees can earn up to $300,000 per 12 months, collectively funneling a whole bunch of hundreds of thousands of {dollars} into packages overseen by the regime’s Ministry of Defense.

North Korea’s crypto theft operations have surged in 2025, with hackers stealing greater than $2 billion to this point this 12 months, in accordance to blockchain analytics agency Elliptic.

The publish US DOJ Seeks to Seize $15M in USDT Tied to North Korean Hackers appeared first on Cryptonews.