North Korea’s Lazarus Group steals over $5.2M from a crypto trader

May 28, 2025 - 16:00

The post North Korea’s Lazarus Group steals over $5.2M from a crypto trader appeared on BitcoinEthereumNews.com.

North Korea’s Lazarus Group has been linked to a cyberattack that stole more than $5.2 million from a crypto trader on May 24, according to blockchain investigator ZachXBT. The theft occurred through a sophisticated malware attack, with funds siphoned from several wallet types including multisig, externally owned accounts (EOAs), and exchange wallets.

The incident, revealed on ZachXBT’s Telegram channel on Tuesday, suggested that the group could be shifting its focus from high-net-worth individuals and companies to intraday individual traders.

After the heist, approximately 1,000 ETH was funneled into Tornado Cash, a crypto-mixing service commonly used to obscure the origin of stolen digital assets. The stolen assets were then promptly liquidated on the open market.

Addresses traced, Tornado Cash used to launder funds

ZachXBT’s channel listed three Ethereum addresses tied to the heist. Along with minor token balances of QBX, Blocklords, Astra Protocol, and DAI totaling around $1,340, the principal address had more than 40 ETH, which is around $107,000 at current market values. It is thought that these funds were part of the malware attack’s profits.

The second address appeared to be new, with just nine transactions processed last weekend. It sent more than 200 ETH to the main address.

Finally, as of this publication, the third address held around $2.7 million in DAI, which was the majority of the stolen funds.

This pattern of conduct is consistent with the findings of a recent study by TRM Labs, which details the worldwide web of Russian criminal organizations and Chinese over-the-counter brokers that North Korea uses to launder its illegal profits. The report alleges that Lazarus supplies the technical expertise, while its partners provide the channels to integrate stolen funds into legitimate markets.

Money laundering continues in Q2 2025

In April, blockchain analytics firm SpotOnChain reported that a…
