An investigation by on-chain sleuth ZachXBT sheds light on how the Lazarus Group —the notorious hacking group allegedly run by the government of North Korea— has managed to launder over $200 million worth of cryptocurrencies since 2020.

The investigation focused on more than 25 exploits across various blockchain platforms. It tracked the movement of illegally obtained funds through mixers, peer-to-peer marketplaces, and centralized exchanges, illustrating how the funds were removed from the cryptocurrency ecosystem.

Moreover, the blog post reveals that Lazarus Group converted the stolen digital assets using cryptocurrency mixing services and peer-to-peer (P2P) marketplaces. 

The investigator identified accounts at Noones and Paxful, P2P marketplaces, which received funds from the hacks and were subsequently used to convert cryptocurrency to traditional fiat currency. The names are “EasyGoatfish351″ and “FairJunco470,” which exhibited deposit and trading patterns consistent with the movement of stolen funds. 

Most hacked funds were converted into USDT before being exchanged for cash and ultimately withdrawn. The group relies on China-based over-the-counter (OTC) markets for their crypto-to-fiat conversions.

Lazarus Group is an infamous group of crypto hackers that originated in 2009. It is known for its sophisticated cyberattacks to steal cryptocurrency funds; unfortunately, it has had great success. From 2018 to 2023, the hacking group pilfered over $3 billion worth of crypto assets. The group was responsible for at least 20% of all stolen crypto in 2023.

As CryptoMode reported, the hacking group has been accused of stealing employee credentials on LinkedIn and impersonating job seekers in blockchain development within the cryptocurrency sector.

Disclaimer

This article is provided for information only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.