Blockchain analysis experts have uncovered an individual allegedly linked to a cryptocurrency money laundering operation selling stolen tokens from recent high-profile exchange hacks at discounted rates. These investigations led to an individual who is reportedly selling stolen cryptocurrency tokens through peer-to-peer transfers on Telegram.
The investigators identified and contacted this individual on Telegram, confirming that they controlled an address containing over $6 million worth of cryptocurrencies. They exchanged stolen assets through a Telegram bot that offered a 3% discount off the token’s market price. After initial conversations, the individual reported that the initial assets had been sold, and new tokens would be available in about three weeks.
Although the Match Systems team has not fully identified the individual, they believe they are associated with the hacking group but not part of its core team. The individual exhibited erratic behavior during interactions, abruptly leaving conversations with excuses like “Sorry, I must go; my mom is calling me to dinner.”
Individual Allegedly Involved in Cryptocurrency Money Laundering Operation Offers Stolen Tokens at Discounts
Match Systems reported that the individual accepted Bitcoin (BTC) as payment for the discounted stolen tokens and had previously sold $6 million worth of TRON (TRX) tokens. The latest offering listed $50 million worth of TRX, Ether (ETH), and Binance Smart Chain (BSC) tokens.
In contrast to previous Lazarus Group hacking activities, recent incidents left more digital traces and took place in Commonwealth of Independent States (CIS) nations like Russia and Ukraine. The analysis also highlighted differences in methodology, with recent hacks involving social engineering and mathematical vulnerabilities.
While Lazarus Group hackers typically used Tornado Cash for laundering stolen cryptocurrency, recent incidents have seen funds mixed through protocols like Sinbad and Wasabi. Despite these differences, some key similarities remain, including the use of BTC wallets as the primary repository for stolen assets and the use of the Avalanche Bridge and mixers for token laundering.
Blockchain data from September 2023 suggests that North Korean hackers have stolen an estimated $47 million worth of cryptocurrency this year, including $42.5 million in BTC and $1.9 million in ETH.