tl;dr
The Lazarus Group, responsible for the recent $1.5 billion Bybit hack, now holds 13,518 BTC worth $1.13 billion. This potentially makes North Korea the fifth-largest nation-state in BTC holdings. The group also holds 13,702 ETH, 5,022 BNB, $2.2 million in DAI, and various stablecoins. North Korea-li...
The Lazarus Group, known for its recent $1.5 billion Bybit hack, has amassed a significant amount of cryptocurrency assets. As of now, the group holds 13,518 BTC valued at $1.13 billion, making North Korea potentially the fifth-largest nation-state in BTC holdings. Alongside Bitcoin, they also possess 13,702 ETH, 5,022 BNB, $2.2 million in DAI, and various stablecoins.
Reports suggest that North Korea-linked actors have successfully pilfered over $6 billion in crypto assets since 2017, with the funds being allegedly funneled into the country’s ballistic missile program. The group has shown a persistent interest in targeting cryptocurrency wallets and deploying new malware packages to achieve their objectives.
One recent development in this ongoing saga is the suspension of OKX's Web3 decentralized exchange aggregator due to a coordinated effort by the Lazarus group to exploit their DeFi services. This comes following the revelation that Lazarus-linked wallets hold significant amounts of ETH, BNB, DAI, and various stablecoins.
According to Arkham Intelligence, Lazarus Group-affiliated wallets contain 13,702 ETH worth approximately $26 million, 5,022 BNB valued at $3 million, $2.2 million in DAI, and multiple other crypto assets. The group's utilization of malware to infiltrate developer environments, steal credentials, extract cryptocurrency data, and establish backdoors has been a cause for concern among security experts.
Furthermore, in response to the Bybit hack, OKX has implemented a hacker address detection system for its Web3 DEX aggregator. This system tracks the latest addresses associated with the attacker and promptly blocks them in real-time in the CEX system. The exchange recently faced scrutiny after reports emerged of its DEX aggregator being used to launder $100 million in crypto connected to Lazarus and the hack.
The continuous exploits by the Lazarus Group serve as a reminder of the evolving threat landscape in the crypto space. It underscores the importance of robust security measures and vigilant monitoring to safeguard against malicious actors seeking to exploit vulnerabilities for financial gain.
As developments in the cybercrime realm unfold, stakeholders in the crypto industry must remain proactive in mitigating risks and enhancing their defenses to combat sophisticated threats like those posed by the Lazarus Group.