Getty ImagesHackers working in the North Korean regime have been believed to have successfully cashed out at least $300 million (£232 million) of record-breaking $1.5 billion in crypto robberies.
The criminal is known as the Lazarus Group Two weeks ago.
Since then, it’s a cat shopping game that tracks and prevents hackers from successfully converting cryptocurrencies into available cash.
Experts say the infamous hacker team works nearly 24 hours a day – and may put that money into the regime’s military development.
“Every minute is important for hackers trying to confuse money trails, and they’re very delicate in what they do,” said Tom Robinson, co-founder of Crypto investigator Elliptic.
Dr. Robinson said that among all the criminals involved in cryptocurrencies, North Korea is the best money-laundering cryptocurrencies.
“I think they have a person’s entire room using automated tools and years of experience. We can also see from their activities that they only have a few hours of rest a day and may have shifts to turn cryptocurrencies into cash.”
Elliptic’s analysis is related to Bybit’s analysis, which says 20% of funds have “blacked”, meaning it is impossible to be restored.
In recent years, the United States and allies have accused North Koreans of dozens of hacking attacks to fund the regime’s military and nuclear development.
On February 21, criminals cut off a vendor from Bybit to secretly change the digital wallet address to which 401,000 Ethereum crypto coins were sent.
Bybit thinks it transfers funds to its digital wallet, but instead sends all the funds to the hacker.
Getty ImagesBybit’s CEO Ben Zhou assured clients that none of their funds were taken away.
The company has since replenished the stolen coins with investor loans, but in Zhou’s words, “start a war against Lazarus.”
Bybit’s Lazarus Bounty Program encourages the public to track stolen funds and freeze them as much as possible.
All crypto transactions are displayed on the public blockchain, so the money can be tracked because the Lazarus Group moved the money away.
If a hacker tries to use mainstream crypto services to try to convert coins into ordinary funds like the dollar, then they can freeze crypto coins if they think they are related to crime.
So far, 20 people have shared over $4 million in rewards to successfully identify $40 million in stolen funds and remind cryptocurrency companies to block transfers.
But given North Korea’s expertise in hacking and money laundering, experts are frustrated by the opportunity for the rest of the funding.
“North Korea is a very closed system and closed economy, so they have created a successful industry for hacking and money laundering, and they don’t care about the negative impression of cybercrime,” said Dorit Dor, PhD of the cybersecurity company Check Point.
Another problem is that not all crypto companies are willing to help like others.
Bybit and others have no crypto exchanges that prevent criminals from cashing out.
Through this exchange, more than $90 million was successfully raised.
However, by emailing the elusive owner of the exchange – Johann Roberts – disputed it.
He admitted they didn’t stop the funding initially because his company had long been controversial with Bybit, saying his team wasn’t sure the coin was definitely from the hacker.
He said he is working now but believes mainstream companies identifying crypto customers have abandoned the private and anonymous benefits of cryptocurrencies.
FBINorth Korea has never admitted to being behind the Lazarus Group, but is considered the only country in the world to use its hacking power to gain economic benefits.
Previously, the Lazarus Group hacked banks, but in the past five years, it has specifically attacked cryptocurrency companies.
The industry is less protected by less mechanisms to prevent them from laundering money.
Recent hackers related to North Korea include:
- Hacker attack on Upbit in 2019, priced at $41 million
- $275 million in cryptocurrency stolen from Exchange Kucoin (most of the funds have been recovered)
- Ronin Bridge attack in 2022, see hackers make $600 million in cryptocurrency
- About $100 million in cryptocurrency stolen in 2023 in the attack on atomic wallet
In 2020, the United States added to its network’s most wanted list accused of being a member of the Lazarus Group. But unless they leave the country, the chances of individuals who have been arrested are very slim.
