According to a confidential United Nations report recently revealed, North Korean hacking group The Lazarus Group has returned thousands of stolen cryptocurrencies to the country.

Nearly $150 million passed through

The report reveals that the cybercriminals channeled $147.5 million worth of cryptocurrency through Tornado Cash, a mixer that was sanctioned by the United States in 2021.

The Lazarus Group has been linked to one of the biggest heists of March 2023 on the crypto exchange HTX, led by TRON’s founder Justin Sun. The stolen money was then laundered through Tornado Cash – a mixer praised for its privacy features but also criticized for facilitating criminal activity.

More than $3 billion stolen between 2017 and 2024

The UN report, presented to a Security Council sanctions committee, reveals a broader investigation into 97 suspected North Korean cyberattacks on crypto companies between 2017 and 2024, in which more than $3 billion was stolen.

The research shows that North Korea has significant cyberwarfare capabilities and that cybercrime is a major source of foreign exchange.

Tornado Cash is often used by North Korean hackers to launder stolen cryptocurrency. In 2022, the United States sanctioned Tornado Cash, accusing it of facilitating money laundering for North Korea. In 2023, two co-founders of Tornado Cash were accused of aiding more than $1 billion in money laundering activities, including transactions related to North Korean cybercriminals.

Since 2023, reach has been expanded with more hacks

North Korea has increasingly targeted cryptocurrency platforms, expanding its reach with a record 20 hacks in 2023, despite a downturn in the crypto market. According to Chainalysis, these hacks have generated more than $1 billion, with $429 million stolen from DeFi platforms and significant amounts from centralized services, exchanges and wallet providers.

With sophisticated tactics and the use of mixers such as Tornado Cash, the Lazarus Group continues to pose a significant threat to global financial security. The international community remains vigilant and works to locate and recover stolen assets, while implementing stricter sanctions and security measures to thwart future cybercrime.


Leave a Reply

Your email address will not be published. Required fields are marked *