North Korea’s Lazarus Group Laundered $200M in Crypto, Reveals ZachXBT Investigation

As a researcher with extensive experience in on-chain investigations, I am deeply concerned about the findings of ZachXBT’s investigation into North Korea’s Lazarus Group. The group’s laundering operations involving over $200 million in stolen cryptocurrency are a significant threat to the security and integrity of the crypto ecosystem.


An investigation by crypto expert ZachXBT has found that the North Korean cybercriminal group Lazarus allegedly laundered more than $200 million in stolen cryptocurrency using coin mixers and peer-to-peer trading platforms.

ZachXBT Finds $200M Laundered

As a crypto investor and follower of on-chain investigations, I’ve been intrigued by ZachXBT’s recent findings regarding North Korea’s Lazarus Group and their elaborate cryptocurrency laundering schemes. Over the past three years, from August 2020 to October 2023, this hacker collective has managed to steal over $200 million worth of digital assets. Their methods have proven to be quite sophisticated, making it a fascinating investigation for those in the crypto community.

In my research as a blockchain investigator, I delved into over 25 exploits across different blockchains, meticulously tracking the trails of ill-gotten gains. These funds were subtly transferred through coin mixers, peer-to-peer marketplaces, and centralized exchanges, skillfully concealing their origin in the crypto world.

Use of Mixers and Exchanges

The Lazarus Group is known for using Ethereum’s Tornado Cash and Bitcoin’s ChipMixer for its illicit activities. The group also exchanged significant sums of cryptocurrency for fiat money through peer-to-peer trading platforms. Approximately $44 million from these heists was transferred to accounts associated with the group, which could be traced back to the usernames “EasyGoatfish351” and “FairJunco470” on these platforms.

Addressing their findings on social media, ZachXBT wrote, 

Many individuals within the community have felt the consequences of Lazarus Group’s attacks, both directly and indirectly. The extent of this impact is expected to grow further.

Lazarus Group’s Notorious History

The Lazarus Group is notorious for orchestrating major cryptocurrency thefts, using advanced cyberattacks to steal funds. It has been implicated in high-profile breaches, such as the $100 million Harmony bridge incident in January 2023 and the Ronin bridge hack in March 2022.

As an analyst, I’d rephrase it this way: Based on the United Nations Security Council’s report, I estimate that the total value of the digital assets stolen by them exceeds $3 billion. The UNSC further accuses these illicit activities of financing North Korea’s weapons development program.

Scrutiny on Mixers Like Tornado Cash

Tornado Cash, a cryptocurrency mixing app, has come under scrutiny from US authorities due to its use by the Lazarus Group for laundering large sums of funds. Just a month ago, the group used Tornado Cash to launder $12 million worth of stolen ETH funds.

The United States government has initiated legal proceedings against the developers of Tornado Cash, Roman Storm and Alexey Pertsev, accusing them of conspiring to facilitate money laundering, breaching sanctions, and operating an unregistered money transfer service.

Although attempts have been made to curb the use of crypto mixers in money laundering, data from Chainalysis reveals a relatively small decrease – 29% – in such activities during the year 2023. The Lazarus Group’s resurfacing at Tornado Cash serves as a reminder of the persistent struggle between regulatory bodies and cybercriminals in this domain.


2024-05-01 17:03