Lazarus Group Likely behind $305m DMM Bitcoin Hack, More than $35M Already Laundered


In a significant development, the $305 million hack of DMM Bitcoin has been linked to the Lazarus Group, a notorious cybercrime syndicate believed to operate out of North Korea. Investigator ZachXBT has noted similarities between this heist and past operations of the group, particularly in their laundering methods.

Hack Details and Laundering Process

On May 31, 2024, DMM Bitcoin fell victim to a massive unauthorized access incident, resulting in the loss of 4,502.9 BTC. Blockchain investigator ZachXBT revealed that more than $35 million of the stolen funds have already been laundered through Huione Guarantee, an online marketplace based in Southeast Asia.

1/4 So far in July 2024 more than $35M from the $305M DMM Bitcoin hack has been laundered to the online marketplace Huione Guarantee

It is suspected that Lazarus Group is behind the hack due to similarities in laundering techniques and off chain indicators. pic.twitter.com/g1ndlttBll

— ZachXBT (@zachxbt) July 14, 2024

The laundering process involved depositing the stolen BTC into privacy mixers, withdrawing it, and converting it into other cryptocurrencies via various blockchain networks. During the laundering process, Tether, a leading stablecoin issuer, took action by blacklisting a Tron-based wallet holding 29.6 million USDT.

This wallet received $14 million worth of funds from the DMM Bitcoin hack within a short three-day period. ZachXBT also disclosed 538 wallet addresses associated with Lazarus Group, Huione, and other entities connected to the DMM Bitcoin hack.

Huione Guarantee’s Role and Political Connections

Huione Guarantee has emerged as a major hub for illicit funds in Southeast Asia, allegedly handling transactions exceeding $11 billion since 2021, as reported by blockchain analytics firm Elliptic. The marketplace, linked to the Cambodian government through the Huione Group, is under scrutiny for its involvement in facilitating crypto scams and money laundering activities.

Hun To, a cousin of Cambodian Prime Minister Hun Manet, serves as a director within the Huione Group, adding political complexity to the investigation. The incident highlights the urgent need for stricter regulations and global collaboration to combat cyber-enabled financial crimes effectively.

Lazarus Group’s Rising String of Thefts

Lazarus Group, also known as APT38, is a notorious hacker group believed to operate from North Korea. It specializes in cyberattacks and shows a strong preference for cryptocurrency targets. According to cybersecurity firm Recorded Future, the group has stolen over $3 billion in cryptocurrency over the past six years, and the figure is rapidly growing.

One of their most high-profile attacks was the 2018 attack on the Japanese cryptocurrency exchange Coincheck, in which $530 million was lost. Despite being under investigation by multiple international agencies, Lazarus Group continues to escalate its activities. The recent DMM Bitcoin hack shows the group's continued involvement in cryptocurrency theft.

Currently, the group is also under investigation for a June security breach at CoinStats, where private keys from 1,590 wallets were accessed, resulting in a $2.2 million cryptocurrency theft.
