ZachXBT has reported that the recent $305 million hack of DMM Bitcoin, a Japanese crypto exchange, might be the work of the Lazarus Group, a group known for its ties to North Korea. ZachXBT noticed that the way the stolen money was being moved around looked very similar to how Lazarus usually operates.
In a tweet, the on-chain investigator shared that over $35 million of the stolen funds were sent to an online marketplace called Huione Guarantee in July. This caught the eye of Tether the stablecoin issuer, which blocked a Tron-based wallet holding 29.6 million USDT in it. This same wallet, which is connected to Huione, had gotten about $14 million from the DMM Bitcoin hack in just three days.
The hackers used a complex method to hide this stolen money. They mixed the Bitcoin, moved it across different blockchain networks, and changed it into other types of digital coins. This process looks a lot like what the Lazarus Group has done before.
“It is suspected that Lazarus Group is behind the hack due to similarities in laundering techniques and off chain indicators.” ZachXBT tweeted.
The hackers then changed the stolen Bitcoin into USDT, even though Tether can block USDT. ZachXBT explains that they did this because they’re selling the stolen assets through small over-the-counter services that only accept USDT.
This incident also shows how Huione Guarantee is becoming a popular platform for hackers to move cryptocurrencies. A recent report by a company called Elliptic Research found that Huione has handled at least $11 billion in crypto over the last three years, with a lot of it linked to illegal activities.
Also Read: Doja Cat’s X Account Hacked to Promote Scam Token “$DOJA”
