• The U.S. government is seizing $2.67 million linked to North Korean hackers' laundering schemes using Tornado Cash.

• Lazarus Group's hacks include a $28 million theft from Deribit and a $41 million attack on Stake.com, highlighting ongoing threats.

• Law enforcement has frozen significant assets from these hacks, but the Lazarus Group continues to elude full recovery of stolen funds.

US authorities are seizing $2.67 million in cryptocurrency connected to the North Korean hacking group Lazarus Group. The action follows two hacks: one targeted the crypto options exchange Deribit in November 2022, the other the online casino Stake.com. The two forfeiture filings give a detailed picture of how North Korean hackers launder cryptocurrency through mixers such as Tornado Cash.

https://twitter.com/solidintel_x/status/1843007135124508987

Tracing the Deribit Hack Funds

The first forfeiture filing concerns the $28 million stolen from Deribit. The attackers gained access to the exchange's hot wallet server, converted the stolen assets to ETH and then passed them through Tornado Cash. Law enforcement followed the funds out of the mixer through a series of Ethereum wallets.

Those wallets showed similar transaction patterns: they received transfers within minutes of each other, used the same cross-chain bridges, and drew their transaction fees from the same funding source. Those shared traits let law enforcement trace approximately $1.7 million in Tether (USDT) across five wallets that were then frozen. The hackers made three attempts to launder these funds; law enforcement froze the funds during the first two, and only on the third attempt did the hackers succeed in moving the remaining assets.
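The clustering heuristics described above (wallets that share a single fee-funding source and receive deposits within minutes of each other) can be expressed as a small tracing script. The following is an added example written for this page; it is not code from the article, the forfeiture filings, or any blockchain-analytics vendor. The ledger records and addresses (0xFEEDER, 0xBRIDGE, 0xW1 and so on) are constructed placeholders, and the ten-minute co-timing window is an assumed parameter, not a figure from the filings.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample ledger for illustration only (not real on-chain data).
# Each record is a simplified transfer: sender, receiver, asset, amount, UTC time.
# Addresses such as 0xFEEDER or 0xW1 are placeholders, not real addresses.
LEDGER = [
    # One "fee funder" seeds several fresh wallets with ETH so they can pay gas.
    {"src": "0xFEEDER", "dst": "0xW1", "asset": "ETH", "amount": 0.05, "ts": "2022-12-01T10:00:00"},
    {"src": "0xFEEDER", "dst": "0xW2", "asset": "ETH", "amount": 0.05, "ts": "2022-12-01T10:00:30"},
    {"src": "0xFEEDER", "dst": "0xW3", "asset": "ETH", "amount": 0.05, "ts": "2022-12-01T10:01:00"},
    {"src": "0xFEEDER", "dst": "0xW4", "asset": "ETH", "amount": 0.05, "ts": "2022-12-01T10:02:00"},
    # Laundered value arrives as USDT in three of them within minutes of each other.
    {"src": "0xBRIDGE", "dst": "0xW1", "asset": "USDT", "amount": 400000, "ts": "2022-12-01T10:05:00"},
    {"src": "0xBRIDGE", "dst": "0xW2", "asset": "USDT", "amount": 350000, "ts": "2022-12-01T10:07:00"},
    {"src": "0xBRIDGE", "dst": "0xW3", "asset": "USDT", "amount": 300000, "ts": "2022-12-01T10:09:00"},
    # Same funder, but the USDT lands hours later: fails the co-timing check.
    {"src": "0xBRIDGE", "dst": "0xW4", "asset": "USDT", "amount": 250000, "ts": "2022-12-01T16:00:00"},
    # Unrelated wallet with a different funder, receiving USDT the next day.
    {"src": "0xOTHER", "dst": "0xW9", "asset": "ETH", "amount": 0.1, "ts": "2022-12-02T09:00:00"},
    {"src": "0xBRIDGE", "dst": "0xW9", "asset": "USDT", "amount": 1000, "ts": "2022-12-02T09:30:00"},
]


def gas_funders(ledger, gas_asset="ETH"):
    """Map each receiving address to the sender of its first gas-asset deposit.

    A fresh wallet cannot move tokens until someone sends it ETH for fees, so
    the first ETH funder is a strong link between otherwise unrelated wallets.
    """
    first_funder = {}
    for rec in sorted(ledger, key=lambda r: r["ts"]):
        if rec["asset"] == gas_asset and rec["dst"] not in first_funder:
            first_funder[rec["dst"]] = rec["src"]
    return first_funder


def cluster_by_funder_and_timing(ledger, asset="USDT", window=timedelta(minutes=10)):
    """Group receiving wallets that share a gas funder and received `asset`
    in a chain of deposits no more than `window` apart from the previous one.

    Returns a list of clusters, each with the common funder, the sorted
    addresses, and the total amount of `asset` they received.
    """
    funders = gas_funders(ledger)
    inflows = defaultdict(list)  # funder -> [(timestamp, address, amount)]
    for rec in ledger:
        if rec["asset"] != asset:
            continue
        funder = funders.get(rec["dst"])
        if funder is not None:
            inflows[funder].append(
                (datetime.fromisoformat(rec["ts"]), rec["dst"], rec["amount"])
            )

    clusters = []

    def flush(funder, run):
        # A lone wallet is not a cluster; two or more co-timed wallets are.
        if len(run) > 1:
            clusters.append({
                "funder": funder,
                "addresses": sorted({addr for _, addr, _ in run}),
                "total": sum(amt for _, _, amt in run),
            })

    for funder, events in inflows.items():
        events.sort()
        run = [events[0]]
        for ev in events[1:]:
            if ev[0] - run[-1][0] <= window:
                run.append(ev)
            else:
                flush(funder, run)
                run = [ev]
        flush(funder, run)
    return clusters


if __name__ == "__main__":
    for cluster in cluster_by_funder_and_timing(LEDGER):
        print(cluster)
```

On the constructed ledger this yields a single cluster of 0xW1, 0xW2 and 0xW3 funded by 0xFEEDER, while 0xW4 (same funder, deposit six hours later) and 0xW9 (different funder) are left out. A real investigation would run the same logic over indexed chain data and add further keys, such as the bridge contract the deposits came from, before treating a cluster as a single controller.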

Laundering Funds from Stake.com

The second filing concerns the Lazarus Group's $41 million attack on Stake.com. The hackers laundered the stolen funds in three stages. First, they converted the stolen assets into Bitcoin through Avalanche's bridge. Next, they passed the Bitcoin through the mixers Sinbad and Yonmix. Finally, they converted the Bitcoin into stablecoins, including USDT.

Law enforcement froze funds during the first and third of these stages, most likely through asset freeze requests to the Avalanche Bridge. Seven transactions were frozen in the initial phase; these involved converting stolen assets into native tokens such as MATIC and BNB. Even so, the hackers managed to move most of the stolen funds onto the Bitcoin blockchain.

Despite improved tracking capabilities, the Lazarus Group remains active. It was recently implicated in the $230 million exploit of the Indian crypto exchange WazirX. The ongoing threat from this group underscores the importance of vigilance across the cryptocurrency industry.

The post The Lazarus Group’s $2.67 Million Laundering Scheme Reveals Crypto Crimes appeared first on Crypto News Land.