Thursday, April 3, 2025

Inside the Lazarus Group money laundering strategy



In the post-mortem of the $1.5 billion Bybit hack, two blockchain analysis organizations, Nansen and Chainalysis, have revealed the Lazarus Group's money laundering strategy, which involves swapping illiquid assets for liquid assets, creating a complex money trail, and letting certain wallets sit dormant until scrutiny dies down.

According to Nansen, the typical Lazarus Group strategy first involves swapping the illiquid assets into ones that are more fungible and, therefore, easier to move. After the Bybit hack, the perpetrator converted at least $200 million in staked tokens into Ether (ETH), which can be moved much more easily onchain.


After this conversion from illiquid to liquid assets, the laundering process was carried out. To create obfuscation, the hacker used a maze of intermediate wallets to create a complex trail aimed at confusing trackers. According to Chainalysis, the funds were laundered via decentralized exchanges, crosschain bridges, and even instant swap services that don't require Know Your Customer (KYC) verification.


The complexity of Lazarus Group's laundering efforts. Source: Chainalysis

Much of the ETH was eventually swapped for Bitcoin (BTC) and stablecoins such as Dai (DAI). In some cases, blockchain analysts were able to track these movements in real time. That allowed certain organizations running these decentralized protocols, such as Chainflip, to block the perpetrator's attempt to launder the stolen funds.

Throughout the laundering process, the hacker kept breaking the stolen funds into smaller pools sent to a growing number of wallets. The first "hop" divided the funds from one wallet to 42 wallets. The second "hop" went from 42 wallets into hundreds.


So far, the money laundered from the Bybit hack is only a portion of the $1.5 billion. Lazarus Group has another strategy to avoid the heightened attention that a high-profile heist brings: sit and wait. Some wallets with stolen money (a sum that across wallets currently amounts to $900 million) have remained dormant as the group bides its time for the scrutiny to die down.
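The hop-by-hop fan-out and the dormant wallets described above are both things a tracer can measure from a list of transfers. The following is an added example, not code from Nansen, Chainalysis or this article; the wallet labels, amounts and the `SERVICES` set are constructed for illustration, and dormancy is simplified to "still holds received funds" because the sample carries no timestamps.

```python
from collections import defaultdict

# Constructed sample: (sender, receiver, amount). Labels are not real addresses.
TRANSFERS = [
    ("seed", "a1", 40), ("seed", "a2", 35), ("seed", "a3", 25),
    ("a1", "b1", 20), ("a1", "b2", 20),
    ("a2", "b3", 15), ("a2", "b4", 10), ("a2", "b1", 10),
    ("b1", "dex", 30),
]
SERVICES = {"dex"}  # assumed labels for shared service wallets (exchange, bridge)


def trace_hops(transfers, seed, services=frozenset()):
    """Breadth-first trace: {hop: wallets first reached at that hop}."""
    out_edges = defaultdict(set)
    for src, dst, _amount in transfers:
        out_edges[src].add(dst)
    hops, seen, depth = {0: {seed}}, {seed}, 0
    while hops[depth]:
        reached = set()
        for wallet in hops[depth]:
            if wallet in services:
                continue  # funds mix with other users here; stop following
            reached |= out_edges[wallet] - seen
        seen |= reached
        depth += 1
        hops[depth] = reached
    del hops[depth]  # last level is always empty
    return hops


def fan_out(hops):
    """Wallet count per hop, i.e. the 1 -> 42 -> ... shape the article describes."""
    return [len(hops[d]) for d in sorted(hops)]


def dormant_balances(transfers, hops, services=frozenset()):
    """Traced wallets still holding funds they received (simplified: no timestamps)."""
    balance = defaultdict(int)
    for src, dst, amount in transfers:
        balance[src] -= amount
        balance[dst] += amount
    traced = set().union(*hops.values()) - set(services)
    return {w: balance[w] for w in sorted(traced) if balance[w] > 0}


if __name__ == "__main__":
    hops = trace_hops(TRANSFERS, "seed", SERVICES)
    print("wallets per hop:", fan_out(hops))
    print("dormant:", dormant_balances(TRANSFERS, hops, SERVICES))
```
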

The nearly $1.5 billion hack is more than the group's total haul in 2024: $1.3 billion over 47 attacks. The attack stands as the largest crypto heist of all time, one that rallied the community together in support of Bybit and against the hackers. As Lazarus Group faces increased scrutiny, it has continued to adapt. As Cointelegraph reported, its cyberwarfare strategy remains one of the most lucrative and sophisticated in the world.
