US seizes $2.7 million in crypto linked to Lazarus Group hacks

The U.S. government has seized over $2.7 million in Bitcoin (CRYPTO:BTC) and Tether (CRYPTO:USDT) linked to North Korean hacking group Lazarus, which is responsible for a series of cyber heists totaling $879 million.  

On October 4, 2024, legal actions were filed to confiscate the stolen assets, targeting the group's involvement in multiple high-profile hacks across different platforms and countries.  

According to official filings, the seizures relate to two major incidents.  

The first involves the theft of $1.7 million in USDT from Deribit, an options exchange, and the second covers the theft of 15.5 Bitcoin (valued at approximately $971,000) from Stake.com.  

The Lazarus Group is also believed to be responsible for a $234.9 million hack of the WazirX (CRYPTO:WRX) exchange.  

Lazarus, a North Korean state-sponsored hacking group, has targeted organizations in several countries, including Japan, Singapore, the U.S., and Vietnam.  

U.S. authorities noted that the group uses a combination of cyberattacks, extortion, and theft to carry out its operations.  

The group's name, “Lazarus,” comes from the biblical figure who rose from the dead, fitting for a group that constantly resurfaces with new tactics.  

The FBI recently issued warnings about Lazarus Group's evolving strategies.  

Their tactics often include fake employment offers or investment opportunities, designed to lure unsuspecting victims into installing malware.  

These prolonged interactions give the group enough time to execute their attacks without raising immediate suspicion.  

In previous years, Lazarus has been involved in notable cybercrimes, including the 2014 Sony Pictures hack and the creation of the WannaCry ransomware.  

The group often launders stolen funds through mixers like Tornado Cash (CRYPTO:TORN), but law enforcement agencies have successfully traced some of these transactions.