North Korea, Russia hackers double down on crypto mixers

Sahana Kiran

Hacks don’t surprise the crypto community anymore. Even during the gruesome bear market, the crypto community had to deal with attacks. These hacks are certainly not limited to a few thousand dollars. Millions of dollars have been washed away over the last couple of months. Two names that have been popping up quite often are Russia and North Korea. A recent Chainalysis report reveals that crypto mixers have been receiving increased amounts of illicit crypto.

As per the report, the 30-day moving average of the value received by mixers surged to a high of $51.8 million in April. Illicit addresses accounted for 23 percent of the funds sent to these mixers throughout the year. This was nearly twice last year's share of 12 percent.


As seen in the above image, about 10 percent of all funds sent from illicit addresses are sent on to crypto mixers. Other addresses were nowhere close to this.

Mixers are likely the most private sector of the crypto-verse. Since the transaction history is concealed, money laundering activities take center stage here. Tornado Cash has been emerging as a prominent platform for hackers.

These mixers acquired most of these funds from Hydra Marketplace, a Russian darknet market. North Korea was right next to Russia, as its government-backed Lazarus Group stood second. While this graph was limited to sanctioned entities, both countries have seen high illicit activity.

As seen in the above image, Hydra accounted for 50 percent of funds. It should be noted that it was sanctioned back in April 2022. Hydra has often popped up in the crypto-verse as it employed these assets to carry out activity on the dark web.

North Korea’s Lazarus Group comes under the spotlight

Lazarus Group is the same entity behind the infamous Ronin Bridge attack and the more recent attack on Harmony’s Horizon Bridge. While Ronin Bridge was hacked for a whopping $625 million, Horizon Bridge suffered a $100 million exploit. Therefore, it isn’t surprising that the group accounted for 30 percent of the illicit funds sent to mixers.

Along with the Lazarus Group, there was another entity from North Korea itself. While it accounted for 18 percent in the above graph, Chainalysis said,

“Blender.io, on the other hand, became the first ever mixer sanctioned this year for its role in laundering funds stolen by Lazarus Group and others associated with North Korea. Any funds it sends to other mixers could very well represent a continuation of that activity.”

North Korea seems to be at the forefront of the crypto hacking business. The economic conditions of the country remain under wraps. Meanwhile, illicit activities such as these have been taking the spotlight.