The Lazarus Group, a hacking organization supported by the North Korean state, has laundered more than $200 million in crypto from over 25 separate hacks between 2020 and 2023.
This was revealed in a detailed analysis by ZachXBT, a well-known on-chain researcher, which was posted to his blog on April 29.
The hacker group reportedly used various crypto mixers and peer-to-peer (P2P) marketplaces to convert the stolen funds.
ZachXBT specifically pinpointed two accounts, "EasyGoatfish351" and "FairJunco470," on P2P platforms Noones and Paxful. These accounts were likely used to convert at least $44 million of stolen crypto into fiat, as their deposits and trading volumes correlate with the stolen funds.
Historically, Lazarus has used Chinese over-the-counter traders for such conversions.
The Lazarus Group has been active since 2009, continuously adapting its methods to take advantage of the crypto market. For example, the blockchain security firm SlowMist recently reported that the group has started using a new strategy of deploying malware through LinkedIn.
However, there has been some success in curbing their illegal activities, as ZachXBT noted. For instance, Tether froze over $374,000 worth of stolen funds in November 2023. Additionally, three out of four major stablecoin issuers have frozen approximately $3.4 million sitting in a group of addresses associated with the Lazarus Group.
As the crypto industry grows, these security challenges highlight the urgent need for increased protective measures and international collaboration to combat cybercrime.