7
crypto hacking concept Bybit/flickr.com

KEY POINTS

  • The Lazarus Group was also linked to the hacking of the crypto exchange CoinEx, draining over $55 million in funds
  • The group's largest hacks include the $620 million theft from Sky Mavis' Ronin Bridge in March 2022
  • Hacking groups backed by the North Korea are reportedly using crypto platforms in Russia to launder their stolen funds

The Lazarus Group, a cybercrime organization linked to North Korea, has nearly $47 million in crypto holdings, 92% of which is Bitcoin, new data reveals.

Data collated by 21.co, the parent company of 21Shares – the world's largest issuer of cryptocurrency exchange-traded products – from blockchain ecosystem analytics Dune highlighted that wallet addresses linked to Lazarus Group currently hold approximately $46.14 million in digital assets.

Of the total crypto holdings, Bitcoin (BTC) has the biggest chunk, which comprises 92.11% of the assets worth $42.5 million, followed by Ether (ETH) worth $1.9 million, Binance Coin (BNB) worth $1.1 million and $640,000 in stablecoins primarily made up of Binance stablecoin (BUSD).

The data was reportedly from 295 wallets identified by the FBI and Treasury Department's Office of Foreign Assets Control (OFAC) as being owned by the notorious cybercrime group.

The Lazarus Group does not hold any privacy coins, which are a lot harder to trace compared to ERC-20 tokens and other crypto assets. The FBI said the notorious organization was behind some of the multi-million dollar hacks in the cryptocurrency industry over the past years.

According to the agency, the group's largest hacks include the $620 million theft from Sky Mavis' Ronin Bridge on March 29, 2022, Harmony's $100 million Horizon Bridge hack on June 22, 2022, the $100 million theft from Atomic Wallet this June, the $60 million theft from Alphapo and $37 million theft from CoinsPaid – both on July 22 – and the $41 million theft from Stake.com on Sept. 4.

"This is a lower-bound estimation of Lazarus Group's crypto holdings based on publicly available information," 21.co said.

The Lazarus Group was also linked to the hacking of the cryptocurrency exchange CoinEx, which lost over $55 million in funds this month.

Hackers and hacking groups believed to be backed by North Korea have been using crypto exchange platforms in Russia to launder their stolen funds, according to a recent report from blockchain analysis firm Chainalysis.

"Not only does this revelation signify a potent alliance between North Korean and Russian cybercriminal actors, but it also presents challenges for global authorities. Russia's notoriously uncooperative stance toward international efforts by law enforcement makes the prospect of recovering stolen funds sent to Russian exchanges particularly grim," Chainalysis said in the report.

Read more