A recent investigation by crypto sleuth ZachXBT has shed light on the extensive money laundering activities of North Korea’s notorious Lazarus Group.
The findings reveal that the state-backed hacking group laundered a staggering $200 million worth of stolen cryptocurrency into fiat currency between August 2020 and October 2023.
TLDR
- ZachXBT’s investigation revealed that North Korea’s Lazarus Group laundered $200 million worth of crypto into fiat currency between August 2020 and October 2023.
- The investigation looked at over 25 exploits across various blockchains, tracing illicitly gained funds passing through mixers, exchanges, and other avenues.
- Lazarus Group used sophisticated cyberattacks to steal funds and has been tied to large-scale crypto exploits such as the Harmony bridge and Ronin bridge hacks.
- The group laundered funds using a combination of crypto mixing services and peer-to-peer (P2P) marketplaces to convert the stolen digital assets.
- ZachXBT identified accounts at Noones and Paxful (P2P marketplaces) that received funds from the hacks and were used to convert crypto to fiat.
ZachXBT’s in-depth analysis focused on more than 25 exploits across various blockchain platforms, meticulously tracing the movement of illicitly obtained funds through mixers, peer-to-peer marketplaces, and centralized exchanges.
The investigation aimed to uncover how the Lazarus Group managed to remove the stolen funds from the cryptocurrency ecosystem and convert them into traditional fiat currency.
1/ How Lazarus Group laundered $200M from 25+ crypto hacks to fiat from 2020 – 2023 https://t.co/s8zNFwlamb
— ZachXBT (@zachxbt) April 29, 2024
The Lazarus Group, which first emerged in 2009, has gained notoriety for its sophisticated cyberattacks targeting the cryptocurrency industry.
The group has been linked to several high-profile crypto heists, including the $100 million Harmony bridge exploit in January 2023 and the Ronin bridge hack of March 2022.
In total, it is estimated that the Lazarus Group has stolen over $3 billion in crypto assets in the six years leading up to 2023.
To launder the stolen funds, the group employed a combination of crypto mixing services and peer-to-peer marketplaces. ZachXBT identified specific accounts on the P2P platforms Noones and Paxful that received funds from the hacks and were subsequently used to convert the cryptocurrency into fiat currency.
The investigation revealed that the stolen funds were first converted into the USDT stablecoin before being exchanged for cash and withdrawn.
ZachXBT’s analysis further indicates that the Lazarus Group has historically relied on China-based over-the-counter (OTC) traders to facilitate the conversion of stolen crypto into fiat currency.
This finding aligns with previous reports on the group’s modus operandi.
The crypto sleuth’s investigation highlights the ongoing threat posed by state-sponsored hacking groups like the Lazarus Group and the need for increased vigilance and security measures within the cryptocurrency industry.
The laundering of such a significant amount of stolen funds underscores the importance of robust anti-money laundering (AML) and know-your-customer (KYC) procedures on cryptocurrency platforms.