Lazarus Group Controls $1.13 Billion in Bitcoin After Bybit Hack

The Lazarus Group, linked to a recent $1.5 billion hack of Bybit, now holds significant cryptoassets, expanding its presence in the crypto space.

Lazarus Among Top Bitcoin Holders

According to BitBO, Lazarus Group's Bitcoin holdings surpass those of countries like Bhutan and El Salvador, possessing 13,029 and 6,089 BTC, respectively. If North Korea's government has access to these funds, it would position the nation as the fifth-largest state-linked holder of Bitcoin, behind the United States, China, the United Kingdom, and Ukraine. Beyond Bitcoin, Lazarus-linked wallets contain 13,702 ETH, worth around $26 million, along with 5,022 BNB valued at $3 million. Additional assets include $2.2 million in DAI and other stablecoins. Arkham Intelligence detected recent conversions of stolen ETH into BTC.

Laundering Attempts and Malware Deployment

Blockchain security firm CertiK identified that Lazarus deposited 400 ETH, worth about $750,000 at the time, into Tornado Cash on March 13 in an attempt to obfuscate their origins. These funds were traced to prior activity on the Bitcoin network. Meanwhile, the cybersecurity firm Socket uncovered six new malware packages linked to Lazarus. These programs target cryptocurrency wallets like Solana and Exodus by embedding malicious software in JavaScript libraries. The malware, named 'BeaverTail,' aims to infiltrate developer environments, steal credentials, and extract digital assets.

OKX's Security Measures

Crypto exchange OKX suspended its Web3 decentralized exchange aggregator on March 17 after detecting coordinated misuse related to Lazarus. The platform implemented a system to track and block hacker-related addresses in real-time. Bloomberg previously reported that OKX's aggregator was used to launder $100 million linked to Lazarus and the Bybit hack. The group's activities underscore the challenges crypto platforms face in preventing illicit transactions.

Lazarus Group's activities raise security concerns across the crypto community. Platforms like OKX are deploying new technologies to counteract efforts to use decentralized finance for illicit activity.