North Korean Hackers Shift Money Laundering Tactics, Use Cross-Chain Bridges
According to a report by Chainalysis, North Korean hackers known as the Lazarus Group are adopting new money laundering techniques and increasingly utilizing cross-chain bridges. The group, notorious for its attacks on crypto companies and protocols, has transitioned from using the Tornado Cash mixing protocol and Sinbad mixer to a new mixer called YoMix. Inflows of funds to YoMix have grown five times over 2023, with one third of the funds coming from wallets associated with crypto hacks. Chainalysis states that this shift demonstrates the ability of sophisticated actors to adapt and find alternative obfuscation services. The report also reveals that North Korean hackers are among the most frequent users of bridges for money laundering.
Increased Use of Cross-Chain Bridges by Lazarus Group
The Lazarus Group, known for its extensive hacking activities targeting cryptocurrency companies and protocols, has been observed using cross-chain bridges as part of their money laundering efforts. Chainalysis reports that bridging protocols have become increasingly popular among cybercriminals, receiving $743.8 million worth of crypto from crime-related addresses in 2023, twice the amount compared to 2022. North Korea-affiliated hackers, including the Lazarus Group, have been particularly active in utilizing these bridges for money laundering purposes. This shift highlights their ability to adapt and find alternative methods to obfuscate illicit funds.
Decline in Popularity of Mixers
Chainalysis findings indicate a decrease in the popularity of mixers among cybercriminals. In 2023, blockchain wallets linked to illicit activities sent $22.2 billion worth of cryptocurrency to platforms and services that facilitate fund obfuscation, such as exchanges, mixers, and DeFi platforms. This amount is significantly lower compared to the $31.5 billion sent in 2022. Specifically, mixers received $504.3 million worth of crypto from crime-linked addresses in 2023, down from $1 billion in 2022. The report suggests that criminals may be diversifying their money laundering activities to evade detection by law enforcement and exchange compliance teams.
Concentration of Illicit Funds on Centralized Exchanges
Centralized exchanges continue to be the primary destination for illicit funds. According to Chainalysis, 71.7% of all illicit services in 2023 were directed to just five centralized platforms. The report reveals that 109 exchange deposit addresses received over $10 million worth of illicit crypto each, totaling $3.4 billion in 2023. This represents a significant increase compared to 2022 when only 40 addresses received over $10 million in illicit crypto, totaling just under $2 billion. However, different types of cybercrime exhibit varying levels of concentration, with ransomware and child sexual exploitation vendors showing high concentration while online scammers and darknet vendors use a greater variety of deposit addresses.
By
By
By
By
By