KuCoin hackers Lazarus Group now changing money laundering strategy: Report
A cybercrime group working on behalf of the North Korean government is now believed to have orchestrated the largest cryptocurrency hack of 2020, according to a report by Chainalysis.
The KuCoin hack of 2020 saw $275 million worth of crypto stolen from the exchange after hackers obtained access to the private keys of the exchange’s hot wallet.
The hackers, known as the Lazarus Group, have accounted for over $1.75 billion of stolen cryptocurrencies. According to experts, the proceeds from these hacks primarily go towards North Korea’s nuclear weapons program.
According to Chainalysis,
“We were able to attribute this hack to Lazarus Group due in part to the KuCoin hackers’ use of a specific money laundering strategy Lazarus has frequently used in the past.”
The money laundering strategy in question involves sending stolen funds to mixers in structured payments of the same size — usually an amount just below a round number in Bitcoin — that can be higher or lower depending on the size of the total amount to be laundered.
Once the funds are mixed, Lazarus Group then sends the funds to OTC brokers on one or a few exchanges across the globe. The report went on to add,
“This, along with other pieces of evidence we’re unable to share at this time, helped us identify Lazarus Group as the culprits.”
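The structured-payment pattern described above can be turned into a simple screening check. The following is an added example, not Chainalysis's method or code from the report: it flags a sender cluster that makes repeated identical deposits to a mixer where the amount sits just under a round figure. The cluster names, labels, amounts and both thresholds (at least 4 repeats, within 2% of the round number) are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample: (sender cluster, destination label, amount in satoshis).
# 100_000_000 satoshis = 1 BTC. All names and amounts are invented.
TRANSFERS = (
    [("cluster-A", "mixer", 99_000_000)] * 5          # 5 x 0.99 BTC to a mixer
    + [("cluster-A", "exchange", 99_000_000),         # same size, not a mixer
       ("cluster-A", "mixer", 37_000_000)]            # one-off odd amount
    + [("cluster-B", "mixer", 50_000_000)] * 4        # repeated but exactly round
    + [("cluster-C", "mixer", 999_000_000)] * 2       # 9.99 BTC, too few repeats
    + [("cluster-D", "exchange", 999_000_000)] * 6    # repeated, not a mixer
)

def round_target(sats):
    """Next amount with one significant digit, e.g. 0.99 BTC -> 1 BTC."""
    mag = 10 ** (len(str(sats)) - 1)
    return -(-sats // mag) * mag  # integer ceiling to a multiple of mag

def just_below_round(sats, max_gap_pct=2):
    """True if sats is under its round target by at most max_gap_pct percent."""
    target = round_target(sats)
    gap = target - sats
    return 0 < gap and gap * 100 <= max_gap_pct * target

def find_structuring(transfers, min_repeats=4, max_gap_pct=2):
    """Return (cluster, amount, count, round target) for each flagged pattern."""
    per_cluster = defaultdict(Counter)
    for cluster, label, sats in transfers:
        if label == "mixer":               # only deposits into mixers count
            per_cluster[cluster][sats] += 1
    hits = []
    for cluster, amounts in sorted(per_cluster.items()):
        for sats, count in sorted(amounts.items()):
            if count >= min_repeats and just_below_round(sats, max_gap_pct):
                hits.append((cluster, sats, count, round_target(sats)))
    return hits

if __name__ == "__main__":
    for cluster, sats, count, target in find_structuring(TRANSFERS):
        print(f"{cluster}: {count} mixer deposits of {sats} sat, "
              f"just under {target} sat")
```

A hit from a check like this is a lead for an analyst to review alongside other evidence, not an attribution on its own.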
Interestingly, Chainalysis also found a shift in the Lazarus Group’s money laundering strategy. In 2020, the hackers’ use of DeFi platforms more than doubled, while their use of exchanges came down.
The group is also increasing the number of unique cryptocurrency addresses under its control. In fact, by the end of 2020, Chainalysis had identified over 2,078 different addresses associated with the group.
Crypto-exchanges have been working on strengthening their security measures of late following the U.S. Department of Justice’s complaint in August last year. At the time, the Justice Department had filed a civil forfeiture complaint concerning 280 accounts tagged to hacks of virtual currency exchanges by North Korean actors.
Yep you are right. But it will be harder to monitor. And as we’ve seen from defi, the area is ripe with innovation and richer and more complex strategies for skirting the KYC will likely arise.
— Alonso de Gortari (@alonsodegortari) February 9, 2021
However, at this point in time, DeFi platforms are unlikely to follow suit, meaning that tracing and stopping stolen funds is still a challenge in the realm of decentralized finance.