- North Korean hacking syndicate has over $40 million worth of BTC in its stash after a series of prolific attacks.
- The state-backed entity was fingered in the hacks against Atomic Wallet, CoinEX, and Alphao.
- Stolen crypto assets are reportedly used to fund North Korea’s nuclear program amid tight sanctions against the pariah state.
Despite the report pegging the holdings of Lazarus Group at $47 million, pundits say the North Korean hacking syndicate holds assets running into hundreds of millions of dollars.
New on-chain data by Dune Analytics has pegged the value of virtual currencies held by Lazarus Group at just over $47 million. According to the report, Lazarus Group owns $42.5 million worth of Bitcoin (BTC) and $1.1 million in Ethereum (ETH), with the rest held in stablecoins.
The data comes from tracking 295 wallets associated with the hacking syndicate, identified by the U.S. authorities following their involvement in industry attacks. A key feature of Lazarus Group’s stash is the absence of privacy coins such as Monero (XMR) or Zcash (Zcash), known for their ability to obscure transaction details.
Experts have warned that the figures in the report may be less than Lazarus Group’s cryptocurrency holdings as the syndicate may be operating unknown addresses.
“We should note that this is a lower-bound estimation of Lazarus Group’s crypto holdings based on publicly available information,” said research firm 21co.
After Lazarus Group’s hack on Stake.com in early September, Dune Analytics noted a marked decline in the syndicate’s holdings from highs of $46 million. Aside from the hack on Stake.com, law enforcement authorities have pointed accusing fingers against the state-backed entity for the security breaches on CoinEx, CoinsPaid, and Atomic Wallet, netting the group over $100 million in illicit funds.
Despite the activity around the group, Chainlaysis revealed a lull in Lazarus Group’s activities, with the gang netting only $340.4 million since the start of the year. By September 2022, Lazarus Group had earned over $1 billion in a series of high-profile hacks against virtual currency exchanges and decentralized finance (DeFi) projects.
Aware of the threats posed by Lazarus Group, US authorities have warned of increased ransomware attacks in the coming months, particularly targeted against healthcare entities.
All for the nuclear program
According to a United Nations (UN) report, North Korea has been relying on stolen cryptocurrencies to fund its nuclear program after stiff sanctions made it difficult for the country to access foreign exchange.
In early 2023, South Korea imposed new sanctions on North Korean citizens involved in financing its nuclear weapons program via ransomware attacks. Jin-hyok, one of the sanctioned individuals, has also been blacklisted by the US Federal Bureau of Investigation (FBI) and the US Treasury.
Source: Read Full Article