ExchangeDEX+

Buy Crypto Markets Spot Futures500X Earn Events

DWF Labs, a market-making firm active in crypto markets, has been linked to an alleged loss of $44 million in a hack that took place in September 2022. Related Reading: Trump Warns Of China’s Crypto Surge, Calls For US To Take Lead According to on-chain investigators, the incident was not publicly disclosed by the firm […]DWF Labs, a market-making firm active in crypto markets, has been linked to an alleged loss of $44 million in a hack that took place in September 2022. Related Reading: Trump Warns Of China’s Crypto Surge, Calls For US To Take Lead According to on-chain investigators, the incident was not publicly disclosed by the firm […]

Crypto Firm DWF Labs Lose $44M To North Korean-Linked Hackers – Report

2025/11/06 11:00

DWF Labs, a market-making firm active in crypto markets, has been linked to an alleged loss of $44 million in a hack that took place in September 2022.

According to on-chain investigators, the incident was not publicly disclosed by the firm at the time and only came to light after a detailed blockchain review.

DWF Labs: Alleged Attack And Method

Reports have disclosed that the attacker drained a wallet tied to DWF Labs and moved the funds through several on-chain steps.

The stolen holdings were mostly stablecoins — USDC and USDT — and were then converted into Bitcoin through the Ren bridge before being routed into a mixer called Mixero.

The pattern of transfers and the tools used are what led some analysts to suggest a link to the DPRK-associated AppleJeus group.

On-Chain Evidence And Reactions

Based on reports, the investigation was driven by an analyst known as tanuki42 who flagged the wallet address and traced payments made to and from it before and after the alleged breach.

Other sleuths on X, including well-known chain trackers, began to comment and share findings. Some posts pointed to roughly $30 million in Bitcoin-valued pots that have not been touched since the transfers, raising questions about what the attacker intends to do next.

DWF Labs has not posted a public incident report or a formal acknowledgement of the claims.

What The Movement Looks Like

Money moved into centralized exchanges at certain points, which suggests private keys or exchange accounts may have been compromised during the event.

After conversion, the flow into a mixer makes it harder to follow the exact trail, but on-chain records show the sequence and timestamps that tie these steps to the September dates.

The way funds were handled is similar to other cases tied to state-linked threat actors, according to the analysts studying the chain.

Potential Impact And Next Steps

If the allegation is confirmed by an independent audit or by the firm itself, the fallout could affect counterparties and projects that relied on DWF Labs for liquidity.

Some forensic firms and trackers are poring over the dormant pots of Bitcoin that amount to about $30 million in current value, while exchanges and law-enforcement partners may be asked to help trace or freeze moves if they occur.

Investor confidence is part of the discussion now, because public trust depends on clear disclosure and rapid response once a breach is found.

Featured image from Unsplash, chart from TradingView

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.