The Crypto Market Is Back In Business, But So Is North Korea’s Lazarus Group

Jim Haastrup

Key Insights

  • After weeks of silence, the notorious Lazarus Group has resumed activity, moving $1.2 million in Bitcoin.
  • The Lazarus Group transferred the Bitcoin through a mixer, sending a portion to an inactive address, and dividing the remaining amount.
  • This state-backed group is responsible for Axie Infinity’s $600 million attack and is estimated to have stolen $700 million in 2023.
  • 2024 has already seen several hacks, including $4.5 million from Radiant Capital and $82 million from Orbit Chain.
  • The Lazarus Group’s activity adds to the anxieties surrounding crypto security, leaving the community wondering which protocol might face an attack next.

The Lazarus Group, one of the most notorious hacker groups from North Korea, has just resumed activity after several weeks of silence.

This state-funded hacker group moved a stash of more than $1 million in Bitcoin on 8 January 2023, possibly signalling that another protocol is about to be hit.

Moving Funds From a Mixer

The Lazarus Group reportedly moved 27.371 BTC—roughly $1.2 million at the time of writing—from what looked to be a cryptocurrency mixer, according to a recent tweet from Arkham Intelligence.

The Lazarus group moves funds around

Right after making this transfer, Arkham Intelligence data shows that the group sent another 3.343 BTC, or almost $150,000, to an old, inactive address.

The money that remained was divided into smaller portions and then sent to several other addresses.

After the transactions, the Lazarus Group’s Bitcoin holdings were assessed by Arkham Intelligence to now be worth $79 million, leaving speculators to wonder:

What is going on, and is this a sign of more attacks to come?

History of Crypto Cyberattacks

It is widely assumed that the Lazarus Group is supported by the North Korean government, which employs cyberattacks to make money and get around restrictions. Some of the most well-known hacks in the cryptocurrency industry, as well as other industries, are attributed to this group.

A Chainalysis study from 2023 stated that the organization was responsible for one-third of all cyberattacks during the year and that it had stolen up to $700 million. The group has so far used several strategies, including phishing, brute force attacks, and building harmful websites and applications to siphon money off its victims.

The most well-known heist carried out by the gang occurred in March 2022, when it took advantage of a weakness in the bridge contract of Axie Infinity (also called the Ronin bridge) and used it to steal over $600 million worth of Ether and USD Coin (USDC), as shown by DefiLlama.

The group has also targeted banks, exchanges, and government organizations worldwide in addition to other cryptocurrency platforms including KuCoin, DragonEx, Upbit, and Bithumb.

Is Another Crypto Protocol About to Be Hit?

2024 is barely 2 weeks old, and Radiant Capital has already been hit by a $4.5 million flash loan attack.

The radiant capital announcement

Beosin, a blockchain security company, also tagged this attack as a “flash loan attack”, stating that the attacker took advantage of a “rounding issue” in the protocol’s codebase that allowed the attacker to steal money by repeatedly calling the deposit() and withdraw() functions.

Before that, Orbit Chain was exploited only a few days into 2024 for a whopping $82 million in 5 separate attacks, comprising $30 million in Tether (USDT), $10 million in USD Coin (USDC), $21.7 million in Ether (ETH), $9.8 million in Wrapped Bitcoin (WBTC), and $10 million in DAI.

The Orbit chain hack

The year has started on the wrong foot in terms of hacks, with nearly $100 million stolen in the first week.

The Lazarus Group’s recent actions may turn out to be nothing to worry about. Nevertheless, the community holds its breath, wondering which protocol is next.

Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information, but it will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.

Jim Haastrup is a blockchain and technical writer at Voice of Crypto, where he covers cryptocurrency, NFTs, DeFi, GameFi, and the Metaverse. Before joining Voice of Crypto in 2022, he spent over three years as a senior technical writer across multiple blockchain projects, including Hashtoken, Naxar, and Bino, where he specialized in whitepapers, technical documentation, and content strategy for decentralized finance applications. Jim began his career as a junior technical writer at RM in Canada before advancing to lead technical writing roles at Bulltoken, a cryptocurrency crowdfunding platform in Norway. Throughout his career, he has authored more than 800 articles and collaborated with development teams to translate complex blockchain protocols into accessible content for diverse audiences including developers, investors, and crypto enthusiasts. His work spans ICO/STO/IDO research and analysis, cryptocurrency market trend forecasting, and social media management for crypto brands. Jim has helped numerous startups build their online presence through strategic content marketing, technical whitepapers, and pitch deck development. Jim graduated from the Federal University of Agriculture, Abeokuta (FUNAAB), Nigeria with a Bachelor of Engineering in Electrical Engineering in 2021. Disclosure: No significant crypto holdings.