North Korean Hacker Group Lazarus Laundered Over 2,500 Stolen Bitcoins In May, Report

News and Analysis

In May, North Korean hacker group Lazarus transferred 2,549 Bitcoins (BTC), or approximately $23.2 million, to two mixing services, ChipMixer and Wasabi, in a bid to cover their tracks. The team behind OXT Research, a company that conducts in-depth research and analysis of the Bitcoin network, de-anonymized the group through both mixers and set forth its findings in a dedicated report.

Back in March, United States authorities included two Bitcoin addresses of two Chinese citizens suspected of involvement in the Lazarus group operations in a sanctions list. According to the government, the Chinese in question received more than $100 million from accounts controlled by North Korea. The money had allegedly been stolen from two cryptocurrency exchanges.

At the end of April, the research unit of OXT examined those addresses and concluded that the funds had been transferred there for subsequent laundering. The company was able to connect those wallets with accounts on various exchanges, and then determined the hackers’ tactics.

Timeline of Lazarus’s Crimes

Lazarus is considered to be one of the most notorious hacktivists in the world. The hackers conducted their first attack on the South Korean government in 2007, which was followed by another attack on financial companies and media of the same country in 2011.

In 2014, they attacked Sony Pictures and several South Korean cryptocurrency exchanges including Yapizon, Coinis, YouBit, Bithumb, and Coincheck. The U.S. authorities believe that Lazarus is behind the notorious malware WannaCry that went epidemic in 2017. Some analysts believe that the money stolen by Lazarus was used by North Korea to bypass international sanctions.

In 2018, the hot wallet of the South Korean exchange Bithumb was hacked, with hackers stealing about $30 million partially in the Ripple (XRP) cryptocurrency. Some experts suggested that Lazarus and its subsidiary BlueNoroff were engaged in the hack.

Earlier this year, research company Chainalysis reported that Lazarus was behind the attack on the DragonEx cryptocurrency exchange in March 2019. As a result, the hackers managed to steal $7 million in BTC, XRP, Litecoin (LTC), and other digital currencies.

Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.

Found a typo? Highlight text and press CTRL+ENTER

Subscribe to our Newsletter


Related posts

Tags: , ,