Two civil forfeiture complaints filed by the US Attorney's Office for the District of Columbia reveal new details about how North Korean hackers launder stolen cryptocurrency. The US government seeks to recover approximately $2.67 million linked to two major hacks attributed to the Lazarus Group.
Funds Theft on Deribit
The first complaint concerns funds stolen in the Lazarus Group's attack on the Deribit exchange in November 2022. The attackers converted the stolen assets to Ether and passed them through the Tornado Cash mixer to break the transaction trail before dispersing them further. Investigators nevertheless followed about $1.7 million of the proceeds to Tether (USDT) on the Tron blockchain, and that amount is the subject of the complaint.
Stake.com Hack
The second complaint seeks to recover cryptocurrency stolen in the Lazarus Group's $41 million hack of the crypto casino Stake.com. The group converted the stolen assets to Bitcoin through Avalanche's Bitcoin bridge and then ran them through several mixers, including Sinbad and Yonmix, to further obscure their origin. Despite this layered laundering, authorities froze portions of the funds at several stages of the chain.
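To make the laundering pattern in both cases concrete, the following is an added example, not code from the complaints or from any investigator's tooling: a haircut (proportional) taint tracer run over a constructed, hypothetical ledger. It models a mixer deposit as the point where on-chain linkability ends, treats a known bridge deposit address as paired with its payout address on the destination chain, and reports how much tainted value lands at labelled exchange deposit addresses, the stage at which a freeze request can be served. Every address name, the bridge pairing and the transaction list are assumptions made for the example.

```python
"""Haircut (proportional) taint tracing over a constructed transaction log.

Added example for illustration; addresses, labels and transactions are
hypothetical, not data from the forfeiture complaints.
"""
from collections import defaultdict

# Assumed address labels (constructed for the example).
MIXERS = {"mixer_deposit"}
# Assumed bridge pairing: deposit address on the source chain -> payout
# address on the destination chain, learned from bridge contract events.
BRIDGES = {"bridge_in": "bridge_out"}
EXCHANGE_DEPOSITS = {"exchange_deposit_1", "exchange_deposit_2"}

# Balances held before the traced window (constructed).
INITIAL_BALANCES = {"victim_hot_wallet": 1000.0, "clean_user": 200.0}

# Constructed sample ledger in chronological order: (tx_id, sender, receiver, amount).
SAMPLE_TXS = [
    ("t1", "victim_hot_wallet", "attacker_A", 1000.0),  # the theft
    ("t2", "attacker_A", "attacker_B", 600.0),          # split across wallets
    ("t3", "clean_user", "attacker_B", 200.0),          # commingling with untainted funds
    ("t4", "attacker_A", "mixer_deposit", 400.0),       # mixer deposit: on-chain link ends
    ("t5", "attacker_B", "bridge_in", 500.0),           # cross-chain hop via bridge
    ("t6", "attacker_B", "exchange_deposit_1", 100.0),  # direct cash-out attempt
    ("t7", "bridge_out", "exchange_deposit_2", 500.0),  # bridged funds cashed out
]


def trace(txs, theft_tx_ids, initial_balances=None):
    """Propagate taint proportionally ("haircut" policy) through the ledger.

    Returns (freezable, lost_in_mixers, tainted):
      freezable      - tainted value that reached each exchange deposit address
      lost_in_mixers - tainted value that entered each mixer (no further link)
      tainted        - tainted value still attributed to each address
    """
    balance = defaultdict(float)
    tainted = defaultdict(float)
    for addr, amt in (initial_balances or {}).items():
        balance[addr] = amt
    freezable = defaultdict(float)
    lost_in_mixers = defaultdict(float)

    for tx_id, src, dst, amt in txs:
        if tx_id in theft_tx_ids:
            # Outflows from the victim in the theft are fully tainted.
            taint_out = amt
        else:
            # Haircut: the outflow carries the sender's current tainted share.
            bal = balance[src]
            taint_out = amt * tainted[src] / bal if bal > 0 else 0.0
            tainted[src] = max(tainted[src] - taint_out, 0.0)
        balance[src] -= amt

        if dst in MIXERS:
            # Mixer pools break the link; anything further needs off-chain
            # heuristics (timing, amount matching), not this tracer.
            lost_in_mixers[dst] += taint_out
            continue

        # Follow a known bridge deposit to its payout address on the other chain.
        dst = BRIDGES.get(dst, dst)
        balance[dst] += amt
        tainted[dst] += taint_out
        if dst in EXCHANGE_DEPOSITS:
            freezable[dst] += taint_out

    return dict(freezable), dict(lost_in_mixers), dict(tainted)


def report(txs=SAMPLE_TXS, theft_tx_ids=frozenset({"t1"})):
    freezable, lost, tainted = trace(txs, theft_tx_ids, INITIAL_BALANCES)
    lines = [f"freezable at {a}: {v:.2f}" for a, v in sorted(freezable.items())]
    lines += [f"link lost at {a}: {v:.2f}" for a, v in sorted(lost.items())]
    lines += [f"residual taint at {a}: {v:.2f}"
              for a, v in sorted(tainted.items())
              if v > 0 and a not in EXCHANGE_DEPOSITS]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report())
```

On the sample ledger the tracer attributes 75 units to the first exchange deposit and 375 to the second (the 600 tainted units at attacker_B were diluted to a 75% share by the 200 clean units), reports 400 units as unlinkable after the mixer deposit, and leaves 150 units of residual taint at attacker_B; the four figures sum to the 1000 units stolen. The haircut policy is one of several (FIFO and poison tainting give different splits), and the choice matters legally as well as technically, since it decides how much of a commingled deposit an exchange is asked to hold.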
Challenges and Investigation Prospects
Although authorities have frozen approximately $2.67 million so far, the investigation is ongoing, and the filings show both how layered the Lazarus Group's laundering chains have become (asset swaps, mixers and cross-chain bridges in sequence) and that funds can still be intercepted where they touch a service able to freeze them. The US government continues its efforts to recover stolen assets and dismantle the financial infrastructure that North Korea-linked hackers depend on.