DWF Labs, a market maker active in cryptocurrency markets, has been linked to an alleged loss of $44 million in a September 2022 hack.
According to on-chain investigators, the incident was not publicly disclosed by the company at the time and was only revealed after a detailed review of the blockchain.
DWF Laboratories: Alleged Attack and Method
Reports It revealed that the attacker drained a wallet linked to DWF Labs and transferred the funds through several on-chain steps.
The stolen property was mostly stablecoins – USDC and USDT – It was then converted into Bitcoin via the Ren Bridge before being routed to a mixer called Mixero.
The pattern of transfers and tools used is what has led some analysts to suggest a link to the DPRK-linked attacks. Apple Geos Collection.
2/8 On Sep 22, 2022, address 0x3d67fdE4B4F5077f79D3bb8Aaa903BF5e7642751 started draining. Meanwhile, withdrawals were made from multiple exchanges to the same address making it clear that private keys and exchange account credentials were potentially compromised. pic.twitter.com/7T7ek18SR4
– Tanuki42 (@tanuki42_) November 4, 2025
Evidence and reactions to the series
Based on reports, the investigation was conducted by an analyst known as tanuki42 who tagged the wallet address and tracked payments made to and from it before and after the alleged hack.
Other investigators on X, including popular thread trackers, began commenting and sharing their findings. Some posts pointed to nearly $30 million in Bitcoin value that had remained untouched since the transfers, raising questions about what the attacker intended to do next.
DWF Laboratories It has not released a public report on the incident or an official acknowledgment of the allegations.
What does movement look like?
Funds were moved to centralized exchanges at certain points, indicating that private keys or exchange accounts may have been compromised during the event.
After conversion, the flow to the mixer makes it difficult to follow the exact path, but records on the chain show the sequence and timestamps linking these steps to the September dates.
The way the money was handled is similar to other cases linked to state-linked threat actors, according to analysts studying the chain.
Potential impact and next steps
If this allegation is confirmed by an independent audit or by the company itself, ramifications could impact counterparties and projects that rely on DWF Labs for liquidity.
Some forensic firms and trackers are mining dormant Bitcoin pots currently worth around $30 million, while exchanges and law enforcement partners may be asked to help track or freeze movements if they occur.
Investor confidence is part of the discussion now, because public confidence depends on clear disclosure and a quick response once a breach is discovered.
Featured image from Unsplash, chart from TradingView
Editing process Bitcoinist focuses on providing well-researched, accurate, and unbiased content. We adhere to strict sourcing standards, and every page is carefully reviewed by our team of senior technology experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
The post Crypto Firm DWF Labs Lose $44M To North Korean-Linked Hackers first appeared on Investorempires.com.
