Back

Lazarus Transfers Funds from $305 Million DMM Bitcoin Hack

sameAuthor avatar

Written & Edited by
Daria Krasnova

15 July 2024 14:47 UTC
Trusted
  • Hackers linked to Lazarus Group laundered $35M from DMM Bitcoin hack via Huione Guarantee.
  • Funds were converted through THORChain into ETH, AVAX, USDT, and TRX before ending up with Huione.
  • Huione Guarantee, allegedly tied to Cambodian government, laundered over $11B in criminal funds, per Elliptic report.
Promo

Hackers allegedly linked to North Korean group Lazarus have moved more than $35 million, presumably from a hack on cryptocurrency exchange DMM Bitcoin.

According to on-chain sleuth ZachXBT, the stolen funds were laundered through Huione Guarantee, a company operating in Cambodia.

Sponsored
Sponsored

Lazarus Shifts Funds from $305 Million Heist

Cryptocurrency investigator ZachXBT revealed that hackers ran bitcoins (BTC) stolen from DMM Bitcoin through mixers over the weekend. They then converted the BTC into Ethereum (ETH) and Avalanche (AVAX) via the cross-chain liquidity protocol THORChain.

The attackers subsequently transferred the assets into Tether (USDT) and then into Tron (TRX). Eventually, all the cryptocurrency ended up with Huione Guarantee.

One transfer of $28.2 million was blocked when the issuer of Tether blacklisted the Tron address “TNVaK…s4Ug8” on July 12. ZachXBT noted that this wallet had withdrawn about $14 million from the DMM hack in just three days.

Sponsored
Sponsored

Read more: Crypto Scam Projects: How To Spot Fake Tokens

DMM hackers moves
DMM Hackers Moves. Source: X/Twitter

On-chain detective also shared a list of 538 addresses associated with Lazarus, Huione, and others involved in the hack. He suggested that the North Korean group Lazarus is behind the incident, based on the money laundering methods and offchain metrics observed.

Huione Guarantee, part of Cambodia’s Huione Group, started as a promising marketplace for real estate and cars. However, researchers from Elliptic found fraudulent activity behind its seemingly legitimate operations. The platform offered “deposit and escrow services” to secure transactions, but it turned out to be popular among scammers in Southeast Asia.

Most payments on the platform were made using USDT stablecoin. Elliptic researchers discovered that the platform processed over $11 billion in transactions since it started, with $3.4 billion happening in 2024 alone. Huione is also believed to be linked to the Cambodian government.

“Huione has become a major hub for illicit funds in South East Asia, primarily being used by criminal organizations such as pig butchering gangs. Last year I found millions from the $31M Fintoch investment fraud scheme went to Huione,” ZachXBT noted.

Sponsored
Sponsored

Read more: 15 Most Common Crypto Scams to Look Out For

The value of USDT received by cryptocurrency wallets used by Huione Guarantee
The Value of USDT Received by Huione Guarantee Wallets. Source: Elliptic

Japan-based DMM Bitcoin suffered a massive hack in May 2024, marking the largest blockchain incident since December 2022 and the third-largest in crypto history. Attackers exploited a critical vulnerability in the site’s security, allowing to gain access to its servers.

Less than a week after the hack, DMM Bitcoin announced its intention to raise 50 billion yen ($321 million) to compensate affected users.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.