News Hub

North Korea’s Lazarus Group Has Stolen $240M in Crypto in Just 104 Days: Elliptic

Adding to the tally is the $54 million hack of crypto exchange CoinEx, which blockchain sleuths at Elliptic now believe Lazarus was likely behind.

Andrew Throuvalas3 min read

Your Web3 Gaming Power-Up

Enjoy exclusive benefits with the GG Membership Pass

Decrypt’s Art, Fashion, and Entertainment Hub.

Discover SCENE

Blockchain surveillance firm Elliptic published a report Friday detailing the exploits of notorious North Korean hacking group Lazarus, which has been “ramping up” activity in recent months.

The organization has been linked to five major crypto hacks over the past three months. The latest, according to blockchain data, was the global cryptocurrency exchange CoinEx, which was hacked earlier this week for a now estimated $54 million. All in all, Elliptic estimates that North Korea's Lazarus is responsible for the theft of almost $240 million in crypto in just the past 104 days alone.

“Elliptic analysis confirms that some of the funds stolen from CoinEx were sent to an address which was used by the Lazarus group to launder funds stolen from the Drake-backed crypto casio Stake.com, albeit on a different blockchain,” wrote Elliptic. The FBI said last week that Lazarus was responsible for stealing $41 million in cryptocurrency from Stake.

Elliptic's findings today corroborate those of on-chain sleuth ZachXBT, who on Wednesday said on Twitter that the CoinEx hacker had “accidentally connect their address” to the Stake hack.

The hacker then moved stolen funds to Ethereum using a bridge previously used by Lazarus, before transferring them to a wallet address known to be controlled by the hacker. A substantial portion of funds originated from the Tron and Polygon blockchains.

READ
Early $BTC Millionaire Erik Finman Says GameFi Will Drive This Bull Market, As $GFOX Stands to Lead the Pack

According to Elliptic, Lazarus hackers also mixed funds with addresses that were seen during the Stake hack and used an address that was involved in the $100 million Atomic wallet hack in June.

“In light of this blockchain activity, and in the absence of information suggesting the CoinEx hack was conducted by any other threat group, Elliptic agrees that Lazarus Group should be suspected for the theft of funds from CoinEx,” researchers at the analytic firm said.

Other hacks in which Lazarus has been recently implicated include the crypto payments platform CoinsPaid in late June, and the crypto payment provider Alphapo in July. Elliptic noted that the group appears to be re-targeting centralized platforms as opposed to decentralized ones, possibly due to social engineering attacks being more feasible against such targets.

CoinEx put out an open letter to hackers on Friday requesting that they contact the company either via email or over the blockchain to negotiate a bug bounty and return of funds.

Related posts

USDR liquidity crisis costs a trader 131,350 stablecoins

admin

Bitcoin Dogs (0DOG) surges as Bitcoin (BTC) demand increases in the US

admin

Former SEC chair on Bitcoin ETF: ‘I think approval is inevitable’

admin