North Korean Lazarus Hackers Employing Decentralized Networks for Money Laundering August 3, 2023 August 3, 2023 Kelly Cromley http://1AZFjzw2#Nwf63pYaMWq#xIY
Market NewsAugust 3, 2023 by Kelly Cromley

North Korean Lazarus Hackers Employing Decentralized Networks for Money Laundering

State-backed North Korean cybercrime group Lazarus has reportedly engaged in several significant blockchain exploits in recent years. Now, emerging evidence suggests that hackers are consolidating their ill-gotten gains from various exploits and resorting to decentralized networks for money laundering.

Blockchain analysts zachXBT and Tayvano have identified a direct link between crypto funds stolen from the Harmony bridge, Atomic Wallet, CoinsPaid, and Alphapo hacks. The total value of the stolen funds is estimated to be around $290 million.

Lazarus Group Allegedly Consolidates and Launder Stolen Crypto via Decentralized Networks

The methods employed in these attacks and the subsequent movement of stolen assets into specific wallets have led experts in blockchain security to strongly suspect the involvement of the Lazarus group.

Tracing the flow of funds on-chain, the researchers discovered that the hackers transferred $8.5 million worth of stolen crypto across 300 addresses on three different blockchains. The entire laundering process spanned five hours and involved the division of 4,600 ETH into 125 new Ethereum addresses. Subsequently, these funds were transferred to Avalanche and then converted to Bitcoin. According to Tayvano, approximately 290 BTC now resides in 125 Bitcoin addresses, each holding between one and three BTC.

What is particularly striking is that during this money laundering operation, a total of 514 transactions moved stolen funds from Ethereum to Avalanche or from Avalanche to Bitcoin, employing the same services used for laundering the ill-gotten funds. Among these transactions, 500 involved moving stolen assets from Alphapo, CoinsPaid, and Atomic Wallet.

Remarkably, this is the fifth time in recent weeks that the Lazarus group has reportedly laundered millions of dollars through similar tactics.

The trail of these laundered funds ultimately leads to over-the-counter (OTC) traders operating on the Tron network, according to zachXBT.

Earlier this year, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on three individuals in China for their involvement in Lazarus’ money laundering activities. Among them, two were OTC crypto traders based in China and Hong Kong who converted millions of stolen cryptocurrencies into fiat currency on behalf of Lazarus. The third individual facilitated coordination with the OTC traders to support weapons production and purchase goods on behalf of the North Korean government through the OFAC-sanctioned entity Korea Kwangson Banking Corp (KKBC).

As the Lazarus group continues to demonstrate its ability to exploit blockchain vulnerabilities, authorities and security experts remain vigilant in their efforts to mitigate cyber threats and safeguard the integrity of the digital asset space. The ongoing pursuit of these malicious actors and their accomplices reflects the importance of international cooperation in combatting cybercrime and ensuring a secure environment for the global crypto community.

AuthorKelly Cromley

Kelly is our in house crytpto researcher, delving into the stories which matter from blockchains being used in the real world to new ico coming out.