简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:The U.S. government is moving to seize approximately $2.67 million in cryptocurrency connected to two major cyberattacks orchestrated by the notorious Lazarus Group, believed to be backed by North Korean hackers.
Recent legal actions by the U.S. Attorney for the District of Columbia have shed light on the sophisticated methods North Korean hackers use to launder stolen cryptocurrency. The U.S. government is moving to seize approximately $2.67 million in cryptocurrency connected to two major cyberattacks orchestrated by the notorious Lazarus Group. These attacks targeted the crypto options exchange Deribit and the online crypto casino Stake.com.
The first case focuses on $1.7 million worth of Tether (USDT), which was traced back to the Lazarus Group‘s hack of Deribit in November 2022. In this incident, the hackers infiltrated Deribit’s hot wallet and managed to steal around $28 million. After gaining access, they converted the stolen assets into Ethereum and used the Tornado Cash crypto mixer to obscure the funds' trail. The stolen assets were later converted into USDT stablecoins on the Tron blockchain. Law enforcement officials successfully tracked the stolen funds by analysing patterns in the hackers' wallet activities and transaction timings, allowing them to freeze some of the stolen assets spread across multiple wallets.
The second forfeiture action involves approximately $971,000 in stolen Avalanche-bridged Bitcoin (BTC.b) from the crypto casino Stake.com. The Lazarus Group was responsible for a $41 million hack of the platform. After the heist, the hackers used the Avalanche Bitcoin bridge and crypto mixers such as Sinbad and Yonmix to conceal the stolen funds. Despite the sophisticated obfuscation techniques employed, law enforcement agencies were able to freeze some of the laundered assets.
Despite these significant law enforcement successes, the Lazarus Group continues to pose a serious threat in the cryptocurrency space. The group has been linked to several other high-profile cyberattacks, including the July 2024 breach of the WazirX exchange, where they siphoned off over $230 million worth of digital assets. During this attack, more than $100 million in Shiba Inu tokens, $52 million in ether, and other assets were stolen from a multisignature wallet, accounting for nearly half of the total reserves WazirX reported in June 2024.
Following the WazirX hack, the exchange filed for restructuring to manage its financial liabilities. Legal representatives for WazirX indicated that customers are unlikely to recover the full value of their lost assets in cryptocurrency. Current estimates suggest that potential refunds may range between 55% and 57% of the total funds lost.
These recent forfeiture actions underscore the persistent threat posed by North Korean state-sponsored hackers and the growing sophistication of their techniques for laundering stolen cryptocurrency. Despite efforts by law enforcement to freeze assets, the Lazarus Group continues to evade capture, leaving a trail of significant financial damage across the global cryptocurrency landscape.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
A former senior employee of Binance’s UK division, Amrita Srivastava, has initiated legal proceedings against the cryptocurrency exchange, alleging both bribery and wrongful termination.
Coinbase plans to expand in the Philippines, aiming to increase crypto adoption and grow the blockchain economy with a new country manager.
A scam ring in the Philippines deceived Australian men over 35, luring them with fake crypto investments. 250+ arrests made in crackdown on romance fraud.
Tether, the issuer of the world’s largest stablecoin, USDt, has announced that it will cease support for its euro-pegged stablecoin, EURt (EURT), across all blockchains. Users are required to redeem their EURt holdings by 25 November 2025, following the company’s decision to phase out the token.