North Korean Lazarus Group Accused of Money Laundering $200 Million in Stolen Cryptocurrency from 2020 to 2023
By Hassan Shittu
Updated on April 29, 2024 at 18:07 EDT
According to an investigative report by cryptocurrency investigator ZachXBT, the North Korean Lazarus Group allegedly laundered $200 million worth of cryptocurrency into fiat currency between August 2020 and October 2023. The report examined more than 25 exploits across different blockchains and traced the illicitly gained funds through mixers, peer-to-peer marketplaces, and centralized exchanges to demonstrate how the funds were removed from the cryptocurrency ecosystem.
The Lazarus Group, known for its activities since 2009, is implicated in over 25 cryptocurrency hacks, allegedly stealing a total of $3 billion in crypto assets leading up to 2023. “Thousands of people in the space have been directly and indirectly impacted by Lazarus Group attacks, and it seems that number will only continue to increase,” wrote ZachXBT on X.
The North Korean hackers reportedly laundered the stolen digital assets using a combination of crypto mixing services and peer-to-peer (P2P) marketplaces. The investigation revealed that at least $44 million of stolen cryptocurrency was laundered through the Paxul and Noones P2P marketplaces, using usernames such as “EasyGoatfish351” and “FairJunco470.” These usernames exhibited deposit and trading patterns that matched the movement of stolen funds.
Further analysis showed that the majority of the hacked funds were converted into the USDT stablecoin before being exchanged for fiat currencies and subsequently withdrawn. The Lazarus Group has historically relied on over-the-counter traders in China to convert cryptocurrency into fiat currencies.
In November 2023, Tether blacklisted over $374,000 worth of stolen funds associated with the Lazarus Group. Additionally, three out of four stablecoin issuers reportedly blacklisted an additional $3.4 million sitting in a cluster of addresses linked to Lazarus, as per ZachXBT’s findings.
According to data from the United Nations Security Council (UNSC) and DeFiLlama, more than 70% of the cryptocurrency lost to North Korea-linked hacks since 2020 was due to compromised private keys. The combined findings indicate that North Korea was involved in approximately $2.4 billion worth of crypto heists since 2020, with $1.69 billion attributed to thefts resulting from compromised private keys.
In a report published last month, the UNSC documented investigations into 58 crypto heists with suspected North Korean involvement dating back to 2017. These hacks amounted to approximately $3 billion, with $700 million stolen in 2023 alone.
However, blockchain forensics firm Chainalysis reported a higher figure in January, estimating that North Korea-linked hacks accounted for $1 billion of the $1.7 billion total stolen in 2020. Interestingly, despite increased activity by North Korean hackers in 2023, they stole $700 million less than the previous year.
A total of approximately $1.7 billion worth of funds were stolen from the cryptocurrency space in 231 hacks. Analysis of DeFiLlama and UNSC data also revealed a decline in the overall amount of crypto hacked from protocols, dropping to $1.53 billion in 2023 from $3.28 billion in 2022. This trend contrasts with the figure of $2.34 billion in 2021.
While the decrease in losses may indicate improved project security or be influenced by market conditions, experts caution that hacking volume may increase again with favorable market conditions and the continued growth of the decentralized finance (DeFi) sector.
Follow Us on Google News