Exposing Lazarus Group: How North Korean Hackers Laundered $200 Million in Stolen Cryptocurrency
North Korean rogue hackers Lazarus Group have recently been exposed for laundering over $200 million in stolen cryptocurrency into fiat currency, according to an in-depth analysis by on-chain analyst ZachXBT. The investigation reveals the sophisticated techniques used by the gang to mask hacked profits and convert them into conventional money.
Lazarus Group, known for their large-scale hacks of various blockchain networks, has been involved in numerous cybercrimes from August 2020 to October 2023. Some of their successful hacks include breaking into Stake.com’s account and stealing $622 million from a Ronin gaming network, resulting in over $2 billion in stolen virtual assets.
ZachXBT’s investigation of 25 hacking incidents uncovered a complex money-laundering process employed by Lazarus Group, which included the use of cryptocurrency mixers and peer-to-peer exchanges. The gang utilized popular mixing services like Tornado Cash for Ethereum and ChipMixer for Bitcoin to disguise the trail of stolen money. They also used Bitcoin P2P exchanges like Noones and Paxful to convert the stolen funds into fiat currency.
Industry partners collaborated with platforms such as Binance and MetaMask to track down accounts associated with Lazarus Group, totaling approximately $44 million in hacked funds. Despite these efforts, the report highlights the need for continuous investigation and cooperation within the crypto community to combat criminal activities like money laundering.
In response to Lazarus Group’s illicit operations, Tether blacklisted 374,000 USDT in November 2023, and three stablecoin issuers added $3.4 million to the list of blacklisted addresses linked to the group. These actions demonstrate the industry’s commitment to shutting down criminals and preventing illegal activities in the crypto space.
As ZachXBT warns, “Thousands of people in the space have been impacted directly and indirectly by Lazarus Group attacks, and it seems that number will only continue to increase.” The complexity of the group’s operations underscores the importance of ongoing vigilance and collaboration to protect the integrity of the cryptocurrency market.