Lazarus Group Launders $35M from DMM Bitcoin Hack
Lazarus Group Launders $35M from $305M DMM Bitcoin Hack Through Cambodian Marketplace; Tether Blocks $28.2M in Attempted Transfer.
Key Takeaways:
- Lazarus Group laundered $35M from the $305M DMM Bitcoin hack through a Cambodian marketplace.
- Huione Guarantee, the marketplace used, has processed $11B in criminal cryptocurrency transactions.
- Tether blacklisted a Tron wallet address, blocking $28.2M from reaching Huione.
- In 2024, centralized exchanges witnessed a 900% increase in theft, with hackers stealing over $1.4B in cryptocurrency.
Blockchain investigator ZachXBT has uncovered new developments after the $305 million DMM Bitcoin hack in May 2024. The notorious Lazarus Group, alleged perpetrators of the heist, have laundered more than $35 million through an online marketplace in Cambodia this month.
Hackers Siphon Funds Through Cambodian Marketplace
ZachXBT's investigations revealed that the stolen funds were funneled through Huione Guarantee, a marketplace operating in Cambodia, tied to the powerful Hun family.
Elliptic reports that Huione Guarantee has processed approximately $11 billion in cryptocurrency transactions linked to various criminal activities, including hacks and scams.
The DMM Bitcoin hackers used a series of strategies, including chain hopping and crypto mixers, to reduce the traceability of the loot.
However, Tether blacklisted an affiliated Tron wallet address on July 12, blocking $28.2 million from reaching Huione. This wallet had previously extracted about $14 million from the DMM Bitcoin hack over three days.
ZachXBT's investigation has identified 538 wallet addresses linked to Lazarus Group, Huione, and other entities connected to the DMM Bitcoin hack.
Recall that the Japan-based cryptocurrency exchange DMM Bitcoin fell victim to a critical vulnerability exploit on May 30, resulting in an “unauthorized leak” of Bitcoin totaling $305 million. In response to the losses suffered from the hack, DMM Bitcoin raised $305 million within a week to compensate affected users for their losses.
Broader Implications for Crypto Security
The Lazarus group's alleged laundering incident is part of a larger trend of cryptocurrency thefts, although recent data suggests a shifting landscape.
According to Cyvers, a blockchain security firm, hackers stole over $1.4 billion in cryptocurrency in 2024. Centralized exchanges have become a major target, with losses increasing sharply—up 900% in just a year.
While 2022 saw $3.7 billion stolen, making it the peak year for crypto theft, 2023 recorded a significant decline, with total stolen funds decreasing by 54.3% to $1.7 billion.
This reduction is believed to be partly attributed to improved security measures in the decentralized finance (DeFi) sector, which has been most affected by crypto thefts.
Despite these efforts, high-profile hacks persisted, including the $197 million heist on Euler Finance in March and the $73.5 million breach of Curve Finance in July. The DMM Bitcoin hack and the laundering attempts linked to the cyber criminals underscore the challenges in securing and retrieving crypto funds as more and more criminals employ sophisticated tactics to obfuscate their tracks.