North Korea backed Lazarus Group linked to $305 million DMM Bitcoin hack

North Korea, through the notorious Lazarus Group, is suspected to have masterminded the $305 million hack of Japanese cryptocurrency exchange DMM Bitcoin. On-chain investigator ZachXBT has pointed out similarities in the laundering techniques used to move the stolen funds, indicating the involvement of the state-sponsored group. Recently, funds linked to DMM Bitcoin were transferred to the online marketplace Huione Guarantee, which has been indicted by blockchain security company Elliptic Research for facilitating billions in illicit crypto crimes. The hackers behind the DMM Bitcoin hack have been depositing the stolen BTC into mixers and then transferring the funds to either the Avalanche or Ethereum networks, ultimately converting them into Tether USDT and sending them to Huione Guarantee. This laundering pattern aligns with Lazarus Group’s known methods. Despite the risks of Tether potentially blacklisting USDT, the hackers have no choice as they are cashing out through small over-the-counter markets that only accept USDT. The growing use of Huione Guarantee among bad actors looking to move crypto is a concerning trend, with the platform being associated with scam operators in Southeast Asia. According to Elliptic Research, transaction volumes linked to Huione Guarantee have exceeded $11 billion over the past three years, and the platform is known for facilitating various illicit activities.