The notorious North Korean hacking entity, Lazarus Group, recently transferred approximately $1.2 million worth of Bitcoin (BTC) from a coin mixer to a holding wallet. This movement marks their largest transaction in the past month, drawing attention from cybersecurity experts and blockchain analysts.
Recent Transaction Details
Blockchain analysis firm Arkham reported that the Lazarus Group’s wallet received 27.371 BTC in two transactions. Subsequently, 3.34 BTC were transferred to another wallet that the group had previously used. The identity of the coin mixer involved in these transactions remains undisclosed. Coin mixers are used to obscure the trail of cryptocurrency transactions, complicating efforts to trace the ownership and flow of funds.
This latest move by the Lazarus Group adds to its long history of sophisticated cyber thefts, particularly in cryptocurrency. The U.S. Treasury Department has linked them to a substantial $600 million cryptocurrency heist from the Ronin bridge connected to Axie Infinity, a popular online game.
Lazarus Group’s Growing Crypto Reservoir
Currently, the Lazarus Group’s combined wallet holdings are valued at around $79 million, per Arkham’s tags. This includes approximately $73 million in Bitcoin and $3.4 million in Ether (ETH). This significant wealth accumulation through illicit means highlights the group’s persistent and evolving tactics in cryptocurrency.
Moreover, a recent report by TRM Labs indicates that North Korea-affiliated hackers, including Lazarus Group, were responsible for a third of all cryptocurrency exploits and thefts in 2023. These activities have reportedly netted them around $600 million.
Patterns of Cyberattacks
The Lazarus Group’s operational methods have become a subject of analysis for many cybersecurity firms. Taylor Monahan, a developer for Metamask, noted that the recent Orbit attack, which led to the loss of $81 million, bore similarities to previous Lazarus Group operations. Such patterns provide crucial insights into their strategies and may help develop more effective defense mechanisms against future attacks.
The cybersecurity firm Recorded Future has attributed over $3 billion worth of cryptocurrency hacks and exploits to Lazarus Group over the past three years. Their continuous and successful execution of high-profile cyber thefts underlines the advanced nature of their capabilities and the challenges faced in combating such threats.