Anonymous Crypto Influencer Exposes Notorious Lazarus Group in Detailed Report

In this post:

  • ZachXBT exposes the Lazarus Group exploits within the crypto space.
  • ZachXBT is a respected Blockchain analyst within the crypto space.
  • Lazarus Group is notorious for cyber exploits within the DeFi space.

The Coinmarketcap Crypto Awards 2024, awarded anonymous Crypto Influencer ZachXBT the ‘Social Influencer to Watch’ award building credibility to the newly released investigation.

The investigation delves into exploits made by the Lazarus Group going as far back as 2020. He tracks the movement of the funds on the blockchain from the point of exploit to instances where they were converted to Fiat or frozen.

A look into the attacks

According to his investigation, the Lazarus Group used well-known yet sophisticated methods to exploit their victims. In ZachXBT’s words, the Lazarus Group is ‘financially motivated utilizing malware custom built for each target.’

ZachXBT compiled attacks from over 20 hacks, resulting in hundreds of millions of U.S. dollars laundered. Some victims included Coinberry, Unibright, Coinmetro, Nexus Mutual Founder, EasyFi, Bondly, MGNR, Polyplay, bZx, and Coinshift.

Most of the attacks were social engineered, with themes used for attack repeating over multiple victims. One method involved phishing emails that installed malicious software in victim computers.

Phishing email allegedly used by Lazarus Group.

Another social engineering attack involved chatting up team members before sending them a file that contained malicious software.

The attacks involved stealing private keys and using them to exploit vulnerable contracts.


The Lazarus Group did not owe up to the attacks. ZachXBT used ingenuity to unravel the attacks and connect all of them to the group. 

According to the investigation, the stolen funds were laundered through crypto-mixing services such as Tornado Cash. ZachXBT exposed how he navigated the mixing services to trace the movement of the funds.

After the exploits, some funds ended up in Binance crypto exchanges, Noones, and Paxful P2P exchanges, which were exchanged with Fiat. Some of the funds were also frozen.

Who is the Lazarus group?

The Lazarus Group is notorious for cyber attacks and crimes motivated by financial exploits. The groups’ misdealings can be traced as far back as 2009, with victims including Sony Pictures and Bangladesh Bank, and 2020 for Decentralized Finance (DeFi) protocols. 

Who is ZachXBT?

ZachXBT is an anonymous blockchain analyst famous for exposing unethical practices and hacks on his X account. 

His true identity remains unknown; however, a tweet he made on January 16, 2023, hinted at Zachary as his first name.

ZachXBT has over 570K followers on X.  He also blogs some detailed investigations on mirror.xyz. Most of the pseudonym’s fame arises from his extensive on-chain analysis, which he details on X threads.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

U.S. House Approves FIT21 Crypto Bill
Subscribe to CryptoPolitan