The notorious hacking group known for its crypto thefts has lost access to nearly $5 million in stablecoins, following actions taken by stablecoin issuers to freeze the funds.
This decision came after an investigation led by blockchain investigator ZachXBT, who, with help from Metamask, Binance, TRM Labs, and Five I’s LLC, traced the stolen assets.
ZachXBT’s probe revealed that the Lazarus Group, a North Korean state-sponsored entity, had laundered over $200 million in cryptocurrency into fiat across a span of three years. The stolen funds were acquired through 25 different exploits on various blockchains and were subsequently cashed out through peer-to-peer marketplaces.
The stablecoin issuers of USDT (Tether), USDC (Circle), TUSD (Techteryx), and BUSD (Paxos) responded by freezing nearly $5 million in stablecoins linked to two specific wallets. These wallets also hold approximately $720,000 in the DAI stablecoin and about $313,000 in Ethereum, which have not yet been frozen.
ZachXBT reported on X that all four stablecoin issuers – Paxos, Tether, Techteryx, and Circle – have now blacklisted the two addresses associated with the Lazarus Group, freezing a total of $4.96 million. Additionally, $1.65 million remains frozen at various exchanges, bringing the total frozen amount to $6.98 million.
ZachXBT criticized Circle, the issuer of USDC, for its delayed response compared to other issuers. He noted that it took Circle 4.5 months longer to freeze the tokens and highlighted the lack of a dedicated incident response team to address such hacks.