Key Insights
- The North Korean hacking group Lazarus laundered over $200 million in stolen cryptocurrency between 2020 and 2023
- Lazarus obtained the funds from over 25 crypto exchange hacks and has stolen over $3 billion in digital assets since 2009
- The group accounted for 17% of the $1.8 billion worth of crypto stolen in hacking incidents in 2023
LONDON (MarketsXplora) – The North Korean state-sponsored hacking group Lazarus laundered over $200 million worth of stolen cryptocurrency between 2020 and 2023 through a combination of mixing services and peer-to-peer marketplaces, according to a blockchain analysis.
The notorious cyber gang obtained the funds from more than 25 separate crypto exchange hacks and other heists over the three-year period, on-chain researcher ZachXBT said in a post on the social media platform X, formerly known as Twitter.
Lazarus is among the most prolific crypto hacking groups and has stolen over $3 billion in digital assets since emerging in 2009, the researcher added, citing years of tracking the group’s activities on the blockchain.
According to ZachXBT’s analysis, Lazarus used accounts on P2P platforms Paxful and Noones, under usernames like “EasyGoatfish351” and “FairJunco470”, to convert stolen cryptocurrencies into fiat currencies like the U.S. dollar.
The hacked funds were first swapped into the Tether (USDT) stablecoin before being traded for cash and withdrawn, ZachXBT said, adding that the group has historically relied on over-the-counter traders in China for such crypto-to-fiat conversions.
While over $374,000 worth of Lazarus-linked funds were blacklisted by Tether in November, three other major stablecoin issuers have blocked an additional $3.4 million sitting in wallets associated with the hacking group, the researcher noted.
Read also! CoinEx $55 Million Hack Traced to North Korean Hackers Lazarus Group
Lazarus accounted for over $309 million, or 17%, of the $1.8 billion worth of cryptocurrency stolen in hacking incidents across 2023, according to figures from blockchain security firm Immunefi.
The North Korean hacking group has been behind some of the biggest crypto heists, including the $625 million Ronin bridge hack in March 2022.
Earlier in April, cybersecurity firm SlowMist reported that Lazarus was using LinkedIn to conduct targeted malware attacks to steal digital assets.
Read also! Alex Lab Traces $4 Million Crypto Hack to North Korea’s Lazarus Group
North Korea is believed to be turning to crypto hacking and other cyber crimes to generate revenue and circumvent international sanctions over its nuclear program. The United States has sanctioned Lazarus Group and other North Korean hacking collectives.