Hackers behind the $305 million hack of cryptocurrency exchange DMM Bitcoin in May laundered more than $35 million at an online marketplace in Cambodia this month.
According to cryptocurrency investigative expert ZachXBT, the funds were laundered through Huione Guarantee, which operates in Cambodia and, according to a July 10 post by blockchain forensics firm Elliptic, is linked to the country's “Hun ruling family.”
The market has traded $11 billion in cryptocurrency from hacks, pig butchering scams and other exploits, according to Elliptic.
“The Lazarus Group is suspected to be behind the hack due to similar money laundering techniques and off-chain indicators,” ZachXBT said.
The hackers deposited the stolen Bitcoin into secure mixers, withdrew that Bitcoin, and converted the funds to Ethereum or Avalanche via the cross-chain liquidity protocol THORChain.
ZachXBT said the funds were then converted to USDT and transferred to Tron before being transferred to Huione.
However, $28.2 million was blocked from reaching Huione after stablecoin issuer Tether blacklisted the Tron wallet address “TNVaK…s4Ug8” on July 12.
This is the wallet that withdrew about $14 million from the DMM Bitcoin hack within three days, ZachXBT noted.
ZachXBT also shared 538 wallet addresses associated with Lazarus Group, Huione, and other wallets involved in the DMM Bitcoin hack.
Japan-based DMM Bitcoin lost $305 million in Bitcoin after a critical vulnerability was exploited. The vulnerability allowed hackers to access DMM Bitcoin’s servers, causing an “unauthorized leak” of Bitcoin on May 30.
The cryptocurrency exchange raised $320 million about a week later to compensate users for their losses.
More than $1.4 billion in cryptocurrency has been stolen so far in 2024, according to blockchain security firm Cyvers.
Centralized exchanges have become a prime target for hackers, with losses increasing 900% over the past 12 months.
“This quarter saw a significant shift in attack vectors, with centralized exchanges (CEXs) suffering the majority of major incidents, while decentralized finance (DeFi) protocols showed improved resilience,” Cyvers said.