The Lazarus Group, a well-known group of state-backed hackers from North Korea, has successfully laundered more than $200 million worth of stolen cryptocurrency between the years 2020 and 2023.
According to a post by pseudonymous on-chain researcher ZachXBT on April 29th, the funds were stolen from more than 25 cryptocurrency hacks. The Lazarus Group, which first emerged in 2009, has gained notoriety for their involvement in cybercrime. In fact, they managed to steal a staggering $3 billion worth of cryptocurrency assets in the six years leading up to 2023.
To convert the stolen digital assets, the North Korean hackers utilized a combination of crypto mixing services and peer-to-peer (P2P) marketplaces. ZachXBT reveals that at least $44 million worth of stolen cryptocurrency was laundered through the Paxul and Noones P2P marketplaces. The hackers used two usernames, namely “EasyGoatfish351” and “FairJunco470,” which showed deposits and trading volumes consistent with the stolen funds.
The analysis conducted by ZachXBT also indicates that the stolen funds were converted into the USDT stablecoin before being exchanged for cash and subsequently withdrawn. Historically, the group has relied on over-the-counter traders based in China for converting crypto to fiat currency.
Tether, one of the stablecoin issuers, blacklisted stolen funds worth over $374,000 in November 2023. Additionally, three out of four stablecoin issuers have blacklisted an additional $3.4 million that was found in a cluster of addresses associated with the Lazarus Group.
In 2023, the Lazarus Group was responsible for stealing over $309 million, which accounts for approximately 17% of the total stolen funds during that year. A report by Immunefi on December 28th reveals that a staggering $1.8 billion worth of cryptocurrency was lost to hacks and exploits throughout the year.
Earlier in April, the Lazarus Group made headlines for using LinkedIn as a platform to carry out targeted malware attacks and steal digital assets. SlowMist, a blockchain security analytics firm, reported this incident. The Lazarus Group has been involved in some of the largest cryptocurrency heists, including the 2022 Ronin Bridge hack, which resulted in the theft of $625 million worth of cryptocurrency.