Two major cryptocurrency exchanges, Binance and Huobi, have frozen accounts containing approximately $1.4 million in crypto assets linked to the North Korean Lazarus Group’s cybercrime activities.
How Huobi and Binance did it
This swift action was made possible by intelligence provided by Elliptic, a blockchain analytics firm, which traced the funds to their destination.
Harmony’s Horizon Bridge was hacked on June 24th, 2022, resulting in the loss of $99.6 million in crypto assets. The hackers laundered these stolen funds through the now-sanctioned Tornado Cash.
Following the hack, the funds remained dormant until they were recently detected being funneled through complex chains of transactions to cryptocurrency exchanges.
Elliptic investigators traced the entirety of the funds and attributed the hack to the Lazarus Group, a North Korean-controlled cybercrime organization. The FBI later confirmed this attribution.
This incident underlines the need for industry players to maintain their vigilance and take action in order to identify and prevent money laundering in digital assets.
While governments are taking measures to crack down on cybercrime and North Korea’s financing of its military programs, the responsibility falls on the industry to do its part in ensuring digital assets are not used for illicit purposes.
Simone Maini, the Chief Executive Officer of Elliptic, has stressed the significance of identifying and preventing instances of money laundering using digital assets.
According to Maini, the digital asset sector has the ability and obligation to prevent digital assets from becoming a shelter for money launderers and sanctions evaders, and to guarantee that digital assets are a force for good in the world.
The swift response by the receiving exchanges has prevented the hackers from cashing out the stolen assets and reinforces the importance of collaboration between blockchain analytics firms, exchanges, and law enforcement agencies in fighting cybercrime.
Sanctions and South Korea’s response
North Korea has become notorious for its cyber-attacks, and the South Korean government has introduced sanctions in response to these actions, targeting four North Korean individuals and seven entities, including those linked to the Reconnaissance General Bureau, North Korea’s main intelligence agency.
This agency is responsible for Pyongyang’s cyberwarfare operations, including the hacking collective Lazarus Group. One of its members, Park Jin Hyok, is on the FBI’s Most Wanted list of cybercriminals, having been linked to the WannaCry ransomware and other cyber-attacks. Pyongyang Automation University, believed to be training North Korean hackers, has also been blacklisted.
The sanctions, which are South Korea’s first to be imposed unilaterally, are designed to obstruct North Korea’s attempts to finance its weapons programs using the stolen assets.
According to the South Korean Ministry of Foreign Affairs, these hackers have stolen digital currency worth more than $1.2 billion since 2017, with over half of it coming from the attack on Ronin, the blockchain network of the online game Axie Infinity, last March.
In an era of increasing cybercrime, it is crucial that exchanges and blockchain analytics businesses continue cooperating to ensure the security of the blockchain and prevent digital assets from slipping into the wrong hands.