According to recent data collected by Dune Analytics on the notorious Lazarus Group, a North Korean state-sponsored hacking group, the group collectively holds around $47 million worth of digital assets in wallets linked to breaches of multiple exchanges and token bridges.
The Dune dashboard tracked 295 wallets identified by the Federal Bureau of Investigation (FBI) and the U.S. Office of Foreign Assets Control (OFAC) as owned by the hacking group to find that they hold $42.5 million worth of Bitcoin (BTC), $1.9 million in Ether (ETH), $1.1 million in BNB, and $645,000 in dollar-pegged stablecoins, primarily comprised of Binance USD (BUSD).
Lazarus-Linked Wallets Hold Over $45 Million In Stolen Crypto And Are Still Active
The data, compiled by 21.co, the parent company of Swiss-based crypto investment firm 21Shares, showed that the amount of crypto held by the wallets seems to have dropped from the $86 million recorded on September 6, a few days after the hackers breached crypto gambling platform Stake.com and got away with $41 million worth of BTC, ETH, BNB, and Polygon (MATIC) tokens.
The wallets are reportedly still active, with the most recent transaction having taken place on September 20. However, 21.co noted that its findings were a “lower-bound estimation” of Lazarus Group’s crypto holdings based on publicly available information on the blockchain.
CoinEx Hackers Sent Stolen Funds To Wallet Connected With Other Lazarus Exploits
In August, blockchain security firm Elliptic published a report holding the Lazarus Group accountable for stealing nearly $240 million worth of assets from several crypto-based platforms over a period of 3 months. The most recent of these attacks was the $55 million breach that took place on the CoinEx exchange.
Funds stolen from the exchange were allegedly sent to a wallet address that was previously used by those involved with laundering tokens from Stake.com, which helped authorities link the case to Lazarus Group.
Furthermore, Lazarus hackers mixed the funds with addresses connected to the Stake hack and then sent them over to another address linked to the $100 million hack on the crypto wallet platform Atomic in June.
Crypto Hacks Down Over 80% From Last Year
That month, the group was on a spree, breaching payment platforms Alphapo and CoinsPaid in the process to collectively rack up more than $200 million in stolen funds. However, Chainalysis says exploits by North Korea-linked hackers are down by a whopping 80% from last year.
As of September, North Korean attackers had stolen digital assets worth a total of $340.4 million in 2023, compared to a record $1.2 billion in crypto pilfered in 2022. A vast majority of hacks that happened this year were on projects hosted on the newly launched Ethereum Layer-2 scaling network Base, which is owned by Coinbase. Ethereum is said to be the most popular blockchain among hackers.
FBI Warns Healthcare And Public Sector Entities Of More Attacks From Lazarus
Last week, the Health Sector Cybersecurity Coordination Center of the U.S. Department of Health and Human Services warned that Lazarus Group is actively targeting IT and healthcare sector companies in America and Europe.
The FBI also issued a warning stating that the criminal organization was using new hacking techniques that posed a significant risk to vital data held by private and public companies.
Blockchain security agencies also observed a change in Lazarus’ attack pattern. The hackers are now more focused on exploiting centralized platforms than decentralized ones, as centralized platforms are much easier to target with social engineering attacks.