The thread assesses that DWF Labs was likely compromised in September 2022 by the DPRK-affiliated AppleJeus actor, resulting in theft of at least $44 million in mostly USDC and USDT. The activity began with draining of address 0x3d67fdE4B4F5077f79D3bb8Aaa903BF5e7642751 while exchange withdrawals to the same address suggested both private keys and exchange account credentials may have been compromised. The stolen funds were quickly laundered through Ren bridge to Bitcoin, with later movement into the custodial Bitcoin mixer Mixero and co-mingling with other AppleJeus-linked incidents including Deribit, Tower Capital, and Radiant. The post provides Ethereum theft addresses and several large Bitcoin pots, including balances described as still unspent and worth more than $30 million.