North Korean Lazarus Group Linked to $305 Million DMM Bitcoin Hack

There is a possibility that the North Korean Lazarus Group was the criminal organization responsible for the DMM Bitcoin breach earlier this year. A string of transactions involving funds that originated from wallets associated with Lazarus provided the clue, as stated by recent discoveries made by ZachXBT, a crypto on-chain sleuth. Furthermore, ZachXBT brought attention to the parallels between actions related to money laundering and off-chain indications.

The DMM Bitcoin Funds That Have Been Stolen Are Moving

Theft from a cryptocurrency exchange or a crypto protocol is one thing; however, laundering the funds without being discovered is still a significant challenge. As an illustration, ZachXBT reports that the DMM Bitcoin theft resulted in losses of up to $305 million.

A total of $35 million has been transferred to the Huione Guarantee exchange this month, as indicated by the tracking of the stolen monies brought into and taken out of the platform. From the findings of ZachXBT, it can be shown that the stablecoin issuer has just blacklisted a wallet that is associated with the Lazarus Group. This wallet is located on the Tron blockchain, with a total value of $29.6 million in its contents.

Approximately fourteen million dollars were transferred to this wallet with the identifier "TNVaK...s4Ug8" within three days of the DMM Bitcoin attack. ZachXBT recounted the events to assist the cryptocurrency community in comprehending the hack and its flow.

He began by stating that the funds taken from DMM Bitcoin were transferred to a mixer. Following this, the money was sent from the mixer to the THORChain, Threshold, and Avalanche bridge, where it was transformed from Bitcoin to either Ethereum or Avalanche cryptocurrency. In the aftermath of these events, the hackers used SWFT to convert the Bitcoin to USDT on Tron.

For this final stage, the assumption is still in place that the stolen monies were appropriately concealed from both their point of origin and their final destination.

An Alternative Kind of Hacking Trend

Hacking and cyber-attacks are not uncommon within the realm of Web3 today. Coingape disclosed the most recent security issue at Squarespace, an information technology service provider that supplies Compound Finance and Celer Network. However, neither protocol experienced any financial loss due to the exploit, which caused their websites to become unavailable.

Even though other abuses almost always result in a loss of funds, specific projects are frequently able to negotiate terms that result in reimbursement. It should be noted, however, that none of these refunds have been documented in any of the exploits associated with the Lazarus Group. Although it is still unclear whether the revelation from ZachXBT would provide some closure, the DMM Bitcoin breach continues to be regarded as one of the most severe incidents the industry witnessed in 2018.