North Korean Lazarus Group Accused of Money Laundering Over $200 Million in Stolen Cryptocurrency from 2020 to 2023
By Hassan Shittu
Updated on April 29, 2024, at 18:07 EDT
According to an investigation conducted by crypto investigator ZachXBT on April 29, the North Korean Lazarus Group has allegedly laundered $200 million worth of cryptocurrency into traditional currency between August 2020 and October 2023.
The investigation focused on more than 25 exploits across different blockchains and tracked the illegally acquired funds as they were moved out of the cryptocurrency ecosystem through mixers, peer-to-peer marketplaces, and centralized exchanges.
North Korean Lazarus Group Accused of Laundering Over $200 Million in Stolen Cryptocurrency
The illicit funds were acquired through more than 25 cryptocurrency hacks reportedly orchestrated by the Lazarus Group, which gained notoriety since its inception in 2009. The group allegedly stole over $3 billion in cryptocurrency assets in the six years leading up to 2023.
ZachXBT wrote on X, “Thousands of people in the space have been directly and indirectly affected by Lazarus Group attacks, and it seems that this number will only continue to rise.”
The North Korean hackers allegedly laundered the stolen digital assets by using a combination of cryptocurrency mixing services and peer-to-peer (P2P) marketplaces.
The crypto investigator noted that at least $44 million of the stolen cryptocurrency was laundered through the Paxul and Noones P2P marketplaces, using usernames such as “EasyGoatfish351” and “FairJunco470.” These usernames displayed deposit and trading patterns that aligned with the movement of stolen funds.
Further analysis revealed that the hacked funds were primarily converted into the USDT stablecoin before being exchanged for fiat currencies and subsequently withdrawn. The Lazarus Group has historically relied on over-the-counter traders in China to convert cryptocurrency into traditional currencies.
In November 2023, Tether blacklisted over $374,000 worth of stolen funds associated with the Lazarus Group. Additionally, three out of four stablecoin issuers reportedly blacklisted an additional $3.4 million held in a cluster of addresses linked to Lazarus, according to ZachXBT’s findings.
North Korea-Linked Hacks Contribute to $2.4 Billion in Cryptocurrency Losses Since 2020
Data from the United Nations Security Council (UNSC) and DeFiLlama shows that over 70% of the cryptocurrency lost in North Korea-linked hacks since 2020 can be attributed to exploits involving compromised private keys.
The combined findings suggest that North Korea has been involved in approximately $2.4 billion worth of cryptocurrency heists since 2020, with $1.69 billion of that amount resulting from thefts due to compromised private keys.
In a report published last month, the UNSC documented investigations into 58 cryptocurrency heists with suspected North Korean involvement dating back to 2017. These hacks amounted to approximately $3 billion, with $700 million stolen in 2023 alone.
However, blockchain forensics firm Chainalysis reported a higher figure in January, estimating that North Korea-linked hacks accounted for $1 billion of the total $1.7 billion stolen in 2020. Interestingly, despite increased activity by North Korean hackers in 2023, they stole $700 million less than the previous year.
Approximately $1.7 billion worth of funds were stolen from the cryptocurrency space in 231 hacks. Data analysis from DeFiLlama and the UNSC also revealed a decrease in the overall amount of cryptocurrency hacked from protocols, dropping to $1.53 billion in 2023 from $3.28 billion in 2022. This trend contrasts with the figure of $2.34 billion in 2021.
The decline in losses could indicate improvements in project security or be influenced by market conditions. However, experts warn that hacking activity may increase again with favorable market conditions and the continued growth of the decentralized finance (DeFi) sector.
Follow Us on Google News