North Korean Hacker Group, Lazarus Group, Sends Bitcoin to Multiple Unknown Addresses
The notorious North Korean hacker group, Lazarus Group, has been spotted sending Bitcoin to various unknown addresses, reducing their total holdings to 13,441 BTC, as revealed by on-chain data.
The recent data from Arkham Intelligence indicates that the Bitcoin holdings of the Lazarus Group are currently valued at approximately $1.15 billion after the series of transfers. On March 20, at around 9:18 AM UTC, the group’s wallet sent 12.929 BTC, equivalent to $1.12 million, to an unidentified wallet address.
Subsequent to the initial transfer, the wallet proceeded to distribute Bitcoin to four other wallet addresses. Two unknown wallets each received 0.308 BTC, while one wallet received approximately 14.849 BTC, and another received 15.684 BTC. In total, more than 44.07 BTC ($3.76 million) was sent to five different wallet addresses within the span of three hours.
By spreading their BTC holdings across multiple wallets, it is suspected that the Lazarus Group may be engaging in these transactions for the purpose of money laundering, aiming to obfuscate the trail of the funds.
Bybit CEO Ben Zhou recently stated that 88.87% of the stolen funds from the exchange can still be traced through on-chain data. The hackers have converted around 86.29% of the stolen funds, totaling $1.23 billion, into 12,836 Bitcoin, which has been distributed across as many as 9,117 wallets. Zhou believes that the hackers are utilizing Bitcoin mixers to further obscure the transaction history, making it increasingly challenging to follow the money.
Current Holdings and Background of the Lazarus Group
Presently, the wallet associated with the Lazarus Group, as identified by Arkham Intelligence, holds 13,658 ETH (ETH) valued at approximately $27 million. Additionally, the wallet contains $3.17 million in BNB (BNB), $706,400 in DAI (DAI), and $288,870 in BABYDOGE (BABYDOGE). The remaining assets are held in stablecoins such as BUSD (BUSD), USDT (USDT), and USDC (USDC). However, the majority of their wealth is stored in Bitcoin.
The Lazarus Group, known as a North Korean state-sponsored hacking entity, has been operational since at least 2009. Their initial known operation, “Operation Troy,” targeted the South Korean government.
Most recently, the group orchestrated a hack on the Bybit crypto exchange, resulting in losses of approximately $1.4 billion for the platform. This cyberattack ranks as one of the largest cryptocurrency heists on record.