Pseudonymous on-chain investigator ZachXBT has meticulously detailed how the Lazarus Group, the infamous North Korean hacking syndicate, allegedly laundered over $200 million.
Pseudonymous on-chain investigator ZachXBT has meticulously detailed how the Lazarus Group, the infamous North Korean hacking syndicate, allegedly laundered over $200 million in hacked cryptocurrency funds into fiat currency. ZachXBT analyzed more than 25 hacks across multiple blockchains, meticulously tracing the flow of capital through various coin mixers and exchanges over a three-year period from August 2020 to October 2023.
According to the report, Lazarus Group employed multiple coin mixers in their money laundering efforts. These mixers aim to obfuscate the origin and destination of transactions by blending them with other tokens, transactions, and addresses. Specifically, the North Korean-linked hackers utilized the Ethereum mixer Tornado Cash and the Bitcoin-based ChipMixer.
In addition to leveraging coin mixers, the hacker group frequently transferred tokens across different blockchains to further complicate the tracing of funds. They also made use of peer-to-peer (P2P) exchanges, which facilitate direct asset exchanges between individuals without the involvement of a centralized exchange. Lazarus Group specifically utilized the Bitcoin P2P exchanges Noones and Paxful.
Lazarus Group has been identified as the mastermind behind several high-profile crypto hacks in recent years. The FBI attributed the group to the $41 million attack on Stake.com, a gaming firm, as well as the $622 million exploit of the Ronin bridge. Altogether, the group has amassed over $2 billion in stolen digital assets from its various heists.
ZachXBT, with assistance from industry leaders such as crypto exchange Binance and top Ethereum wallet MetaMask, has identified multiple accounts believed to be linked to Lazarus Group. These accounts allegedly received $44 million from Lazarus hacks and successfully converted the stolen funds into fiat currency.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
