Blog

Within the Lazarus Group Money Laundering Strategy


In the post-mortem of $ 1.5 billion bybit hack.

According to For Nansen, the usual approach to the Lazarus group first involves replacing unknown properties with more fungible and, therefore, easier to move. After the Bybit Hack, the offender returned at least $ 200 million to staked tokens in Ether (Eth), which can move easier onchain.

After this return from Illiquid to liquid owners, the launch process is carried out. To create an obfuscation, the hacker used a maze of intermediate wallets to create a complex path aimed at confusing the trackers. According to the chainalysis, the funds has been that -laundered Through decentralized exchanges, crosschain bridges, and even instant replacement services that do not require verification of your customer (KYC).

Related: Bybit CEO declared ‘war against Lazarus’ after $ 1.4B hack

The complexity of the Lazarus Group launch efforts. Source: Chainalysis

Most ETH was eventually replaced for bitcoin (Btc) and stablecoins like Dai (Dai). In some cases, blockchain analysts were able to monitor these movements in real time. It allowed some organizations that operate these decentralized protocols, such as chainflip, To block the offender’s attempt to launder the stolen fund.

Throughout the launch process, the hacker continues to destroy the stolen funds in smaller pools sent to a growing number of wallets. The first “hop” divided funds from a purse to 42 purses. The second “hop” from 42 purses to thousands.

Related: Bybit Hack, Removal of Top $ 5.3B, but ‘Reserve has exceeded liabilities’ – Hacken

So far, money laundered from Bybit Hack is just part of $ 1.5 billion. The Lazarus Group has another approach to avoid the increased attention brought by a high-profile heist: sit and wait. Some purses with stolen money – a sum that throughout the wallets Currently costs $ 900 million) remained dormant as the group indicated time for investigation to die.

The nearly $ 1.5 billion hack was more than the entire Haul of the group in 2024 – $ 1.3 billion in 47 attacks. The attack stands as Biggest crypto heist of all timeone who rallies in the community together In support of bybit and against hackers. As the Lazarus Group grew rising, it continued to adapt. As reported by Cointelegraph, Cyberwarfare approach remains One of the most identical -benefit and sophisticated in the world.

Magazine: Lazarus Group’s favorite exploitation is revealed – Crypto hacks review