Lazarus Evades Sanctions, Uses YoMix to Launder Stolen Funds

The North Korean hacker group Lazarus, notorious for its numerous significant cryptocurrency thefts, has shifted to utilizing the Bitcoin mixer YoMix for laundering stolen funds. This development was reported by the analytics firm Chainalysis, noting that the group adapted its money laundering tactics following sanctions imposed by certain countries on various Bitcoin mixing services previously used by the hackers.

YoMix has recorded a substantial influx of funds in 2023, attributed not to the service’s growing popularity but primarily to the malicious activities of Lazarus. Cryptocurrency laundering is just a part of the North Korean hackers’ operations, crucial for funding the group’s activities and North Korea’s nuclear weapons development program.

Over the past years, Lazarus has perpetrated some of the largest cryptocurrency thefts, including the hack of the Ronin Network (Axie Infinity) in March 2022 amounting to $625 million, the Harmony Horizon breach in June 2022 with losses of $100 million, and the theft from Alphapo in July 2023, resulting in $60 million in stolen cryptocurrency.

From January 2017 to December 2023, North Korean hacker groups, including Lazarus, Kimsuky, and Andariel, have collectively stolen approximately $3 billion in cryptocurrency. The stolen funds were funneled through various mixing services that failed to adhere to anti-money laundering measures and accepted deposits even from wallets marked as suspicious.

The U.S. Department of the Treasury has imposed sanctions on some of these platforms, including Blender, Tornado Cash, and Sinbad, used by Lazarus hackers for laundering funds. However, following each sanction, Lazarus found a new platform, with Chainalysis indicating that YoMix has become the latest service utilized by hackers.

Furthermore, Chainalysis discovered that in 2023, addresses of cryptocurrency wallets labeled as suspicious sent $22.2 billion to cryptocurrency services, a significant decrease compared to $31.5 billion in 2022. Meanwhile, the use of bridges between blockchains has significantly increased: up to $743 million in 2023, compared to $312 million received in 2022.