The infamous Lazarus Group is back in the news, and not for good reasons. This North Korean-linked hacking crew has been on a crypto heist spree, raking in millions and somehow managing to stay one step ahead of everyone trying to catch them. The U.S. government is now trying to seize some of the stolen assets, but it’s a tall order. Let’s break down what’s going on.
The Lazarus Group isn't new to the game. They've been around since at least 2009, hitting high-profile targets like Sony Pictures and even pulling off a massive cyberattack on Bangladesh Bank. But their recent focus has shifted heavily towards cryptocurrency. According to some analysts, they've made off with somewhere between $3 billion and $4 billion from various crypto companies since 2017.
Just recently, they pulled off a classic move during the Deribit hack—breaching a hot wallet and making off with $28 million in crypto. And just like clockwork, they used Tornado Cash to launder it all.
What’s wild is that even after using mixers and hopping through multiple addresses, law enforcement is still hot on their trail. Authorities are now specifically targeting $1.7 million in USDT that was part of the haul.
The level of sophistication is mind-blowing. The group uses tailor-made tools for each operation and has an incredibly fast turnaround time for laundering their loot. Just days after hitting Coinshift for over $900K, they moved into Steadefi's deployer wallet and drained another $1.2 million—all within minutes of each other!
Their process involves converting stolen crypto into stablecoins and then cashing out through peer-to-peer exchanges like Paxful and Noones. Interestingly enough, Lazarus's activity on Paxful includes an address that’s also linked to several other hacks.
So why can’t we stop them? Part of the answer lies in how well they exploit existing systems—both regulatory and technological. While some exchanges are freezing assets (Tether just blacklisted $374K), others are probably not so cooperative.
Crypto exchanges that are non-compliant or operate without any regulatory oversight are basically giving these groups a free pass to launder without any repercussions.
At the end of the day, while legal actions might disrupt things temporarily, they're not stopping anyone long-term! As we’ve seen with groups like Lazarus, they adapt quickly!
For crypto exchanges looking to bolster security against such sophisticated threats—the time for action was yesterday! Advanced KYC/AML policies along with better compliance measures could go a long way in making sure these funds don’t get laundered so easily.