On January 8th, the North Korean hacking collective known as the Lazarus Group resumed their financial activities after a period of dormancy, transferring over $1 million in Bitcoin. Blockchain analysis firm Arkham Intelligence observed that the group conducted two separate transactions, moving a total of 27.371 BTC, equivalent to around $1.2 million. A portion of this, 3.343 BTC (valued at approximately $150,582), was sent to a previously unused address belonging to the group.
Arkham Intelligence estimates the Lazarus Group's total holdings to be worth about $79 million. While the exact purpose behind these transactions remains speculative, it could signal the group's preparation for further operations. The Lazarus Group, believed to be backed by the North Korean government, was accountable for a third of all hacking incidents in 2023, causing losses of about $700 million. They are known for employing sophisticated methods, such as using counterfeit job offers and impersonating renowned venture capitalists to target their victims.
From 2017 to 2023, the Lazarus Group is credited with stealing roughly $3 billion. This includes the notorious Ronin Bridge hack in March 2022, which led to the theft of over $600 million in Ether and USDC from Axie Infinity, a play-to-earn game developed by Vietnamese company Sky Mavis. This incident is recorded as the largest cryptocurrency heist to date.
The activities of the Lazarus Group have prompted significant responses from the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC). In reaction to the Ronin Bridge attack, OFAC imposed sanctions on the cryptocurrency mixer Blender.io, marking the first such action. Following this, OFAC has continued to sanction other entities, including Tornado Cash and various individuals linked to the Lazarus Group.
