Recent forfeiture actions by the US Attorney for the District of Columbia have revealed new insights into how North Korean hackers launder stolen cryptocurrency. The US government is now seeking to recover about $2.67 million in crypto linked to two major hacks orchestrated by the Lazarus Group, a hacking syndicate believed to be affiliated with North Korea.

The first forfeiture complaint involves $1.7 million worth of Tether (USDT), traced through the Tornado Cash crypto mixer. These funds stemmed from the Lazarus Group’s $28 million hack of the Deribit exchange in November 2022. Authorities are also targeting $971,000 worth of Avalanche-bridged Bitcoin (BTC.b), stolen during the group’s $41 million breach of crypto casino Stake.com.

Tracing the Funds from Deribit Hack

The US government’s investigation into the Deribit hack revealed how the Lazarus Group used Tornado Cash to obscure their trail. After gaining unauthorized access to Deribit’s hot wallet server, the hackers swapped assets into Ethereum, sending them through Tornado Cash—a decentralized mixer that scrambles transactions to make them harder to trace.

Despite these efforts, authorities were able to track around $1.7 million of the stolen funds, which had been converted into Tether on the Tron blockchain.

Investigators traced the funds by analyzing Ethereum wallets that exhibited similar behaviors, including synchronized transaction timing and shared sources of funding for transaction fees. The group’s first two attempts to launder the stolen assets were blocked when law enforcement froze certain wallets. However, a third attempt succeeded, resulting in the laundering of the remaining funds.
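The wallet-linking idea described above, as an added example that is not taken from the forfeiture filings or from the original article: wallets are grouped only when they share a fee funder and also transact close together in time, since a shared funder alone can be an exchange serving unrelated users. All addresses, timestamps, the 30-second window and the two-hit threshold are constructed assumptions.

```python
from itertools import combinations

# Constructed sample data (not from the forfeiture complaint).
# (funder, wallet): which address paid each wallet's gas top-up.
FEE_FUNDING = [
    ("0xF1", "0xA"), ("0xF1", "0xB"), ("0xF1", "0xC"),
    ("0xEX", "0xD"), ("0xEX", "0xE"),  # exchange-like funder, unrelated users
]
# (wallet, unix_timestamp) of outgoing transfers.
TRANSFERS = [
    ("0xA", 1000), ("0xB", 1012), ("0xC", 1020),
    ("0xA", 5000), ("0xB", 5008), ("0xC", 9000),
    ("0xD", 2000), ("0xE", 7000),
]

def synchronized_hits(times_a, times_b, window):
    """Count transfers of A that have a transfer of B within `window` seconds."""
    return sum(any(abs(ta - tb) <= window for tb in times_b) for ta in times_a)

def cluster_wallets(fee_funding, transfers, window=30, min_hits=2):
    """Group wallets that share a fee funder AND show synchronized timing."""
    funder_of = {wallet: funder for funder, wallet in fee_funding}
    times = {}
    for wallet, ts in transfers:
        times.setdefault(wallet, []).append(ts)

    parent = {w: w for w in funder_of}  # union-find over wallets
    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x

    for a, b in combinations(sorted(funder_of), 2):
        if funder_of[a] != funder_of[b]:
            continue  # signal 1 missing: different fee source
        hits = synchronized_hits(times.get(a, []), times.get(b, []), window)
        if hits >= min_hits:  # signal 2: repeated near-simultaneous activity
            parent[find(a)] = find(b)

    groups = {}
    for w in funder_of:
        groups.setdefault(find(w), set()).add(w)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

if __name__ == "__main__":
    print(cluster_wallets(FEE_FUNDING, TRANSFERS))
```

Lowering `min_hits` to 1 pulls `0xC` into the cluster through a single coincidence, which shows how the threshold trades coverage against false links.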

Stake.com Hack

In the second filing, the US government seeks to recover crypto from the Lazarus Group’s $41 million hack of Stake.com. After stealing the funds, the group converted the assets into Bitcoin using Avalanche’s Bitcoin bridge and then funneled the funds through multiple crypto mixers, including Sinbad and Yonmix. These mixers further obscured the flow of funds by dispersing them across multiple transactions.

Despite the group’s complex laundering methods, authorities managed to freeze a portion of the funds during both the first and final stages of the laundering process. With nearly $2.67 million already frozen, the US government continues its efforts to dismantle North Korea’s crypto crime operations.

The post US Government Plans to Freeze $2.67M in Crypto from North Korean Hacks appeared first on TheCoinrise.com.