North Korean Hackers Purge Massive Crypto Theft for Over $200 Million

The North Korean Lazarus Group has laundered over $200 million in hacked crypto since 2020 through a combination of crypto mixers and peer-to-peer marketplaces.
The group used usernames like “EasyGoatfish351” and “FairJunco470” on P2P platforms Paxful and Noones to convert stolen crypto into USDT stablecoin before cashing out.
Lazarus Group was responsible for 17% of all crypto hacked in 2023, totaling over $309 million, and has been linked to major heists like the $625 million Ronin Bridge hack in 2022.

The notorious North Korean hacking group Lazarus has laundered over $200 million in cryptocurrency stolen from crypto hacks since 2020, according to new research.

NEW: 🇰🇵 North Korea's Lazarus Group laundered over $200 million in stolen crypto from 2020 to 2023, reveals @zachxbt
— BlockNews.com (@blocknewsdotcom) April 29, 2024

The Lazarus Group

The Lazarus Group is an infamous group of North Korean state-backed hackers that first emerged in 2009. They are among the most notorious groups of crypto hackers and have stolen over $3 billion in crypto assets in the six years leading up to 2023.

Crypto Laundering Techniques

According to research by pseudonymous on-chain analyst ZachXBT, Lazarus used a combination of crypto mixing services and peer-to-peer (P2P) marketplaces to launder the stolen funds.

The analysis identified accounts on the P2P platforms LocalBitcoins and Paxful that received hacked funds and converted crypto to fiat. Two usernames, “EasyGoatfish351” and “FairJunco470,” received and traded volumes in line with the stolen assets.

The hacked funds were converted to Tether (USDT) stablecoins before being exchanged for cash and withdrawn. Lazarus has historically relied on China-based over-the-counter traders for crypto-to-fiat conversions.

Over $374,000 worth of stolen funds were blacklisted by Tether in November 2022, while three out of four stablecoin issuers have blacklisted an additional $34 million associated with Lazarus.

Recent Major Hacks

In 2022, over $309 million, or 17% of the total funds lost to hacks, were attributed to Lazarus. Major heists include the $625 million Ronin Bridge exploit.

Earlier in April 2023, the group was found using LinkedIn to distribute malware and steal crypto. The North Korean hackers remain a constant threat to the growing crypto industry.

Disclaimer: BlockNews provides independent reporting on crypto, blockchain, and digital finance. All content is for informational purposes only and does not constitute financial advice. Readers should do their own research before making investment decisions. Some articles may use AI tools to assist in drafting, but every piece is reviewed and edited by our editorial team of experienced crypto writers and analysts before publication.