- The well-known North Korean hacker group Lazarus moved 41,000 ETH worth around $63.5 million among more than 350 accounts.
- The Lazarus Group has been implicated in massive Bitcoin thefts totaling more than $2 billion.
Lazarus, the infamous North Korean hacker group, had a busy weekend moving millions of dollars in Ethereum. This weekend, The Lazarus Group has started transporting their loot from the Harmony Bridge hack.
Blockchain detective “ZachXBT” posted information about the movements of significant sums of Ethereum on 16 January. The Tornado Cash anonymizing service was the source of the cryptocurrency assets, which were routed through Railgun.
A smart contract privacy framework called Railgun conceals transactions using zero-knowledge proofs. According to the analyst who tracked the transfers through more than 350 addresses, 41,000 ETH worth around $63.5 million was transmitted through Railgun before being deposited on three distinct exchanges.
So, what happened?
It was not stated which exchanges were used, but the analyst claimed that it is often removed from them very shortly. Lazarus has gotten pretty good at transporting illegal cryptocurrency while avoiding being found by law enforcement. The Harmony Bridge attack in June 2022 was associated with the cyber collective. Elliptic, a company that performs blockchain analysis, at the time provided a thorough report on the attack.
Harmony Bridge was breached on 24 June for around $100 million. Elliptic claimed to have employed “Tornado demixing capabilities” to follow the stolen money through Tornado and to other wallets.
More than $2 billion worth of serious Bitcoin thefts has been connected to The Lazarus Group. It began concentrating on DeFi and cross-chain bridges in 2022 and was thought to be responsible for the $600 million Ronin Bridge attack.
According to a recent report from the cybersecurity company Kaspersky, BlueNoroff, the name given by security researchers to a group linked to the Lazarus Group, a North Korean state-sponsored hacking collective, has increased the scope of its illegal activities by pretending to be venture capitalists interested in investing in cryptocurrency startups.
According to Kaspersky’s study, it first discovered BlueNoroff’s global attacks against cryptocurrency businesses in January 2022, but activity slowed down until the fall.
For North Korean hackers, stealing cryptocurrency has been a lucrative industry. Cryptocurrency worth over $1.2 billion has been stolen since 2017, according to data from South Korean espionage services. Several businesses, including FTX, were targeted by cyberattacks in 2022.