North Korea’s Lazarus Group Stirs Again, Shifting $1.2 Million in BTC

Key Points:

  • After weeks of silence, the North Korean hacker group Lazarus resumed activity by transferring 27.371 BTC, valued at $1.2 million.
  • A portion of the transferred funds by Lazarus Group, amounting to $150,582, was sent to a previously inactive wallet.
  • The United States Treasury Department has responded to Lazarus Group’s actions by sanctioning various entities, including a cryptocurrency mixer.
North Korea's Lazarus Group Stirs Again, Shifting $1.2 Million in BTC
North Korea’s Lazarus Group Stirs Again, Shifting $1.2 Million in BTC

After a period of inactivity, the notorious Lazarus Group, linked to North Korea, has resumed operations, moving a substantial amount of Bitcoin. Arkham Intelligence reports that the group transferred 27.371 BTC, equating to approximately $1.2 million, in a series of transactions.

Lazarus Group executed two transfers from a source believed to be a cryptocurrency mixer. Subsequently, they moved 3.343 BTC, worth approximately $150,582, to a previously inactive wallet. Arkham Intelligence’s analysis post-transfer showed $79 million in the Lazarus Group’s crypto holdings. The nature of these transactions suggests the group may be gearing up for future activities.

The Consistent Threat of State-Sponsored Hacking

Lazarus Group’s operations have been a consistent concern in the cybersecurity landscape. They reportedly accounted for a third of all crypto hacks in 2023, with estimated thefts totaling up to $700 million. Their methods, which include posing as venture capitalists and crafting fake job offers, have demonstrated their sophisticated approach to digital theft. The group’s history of cyber heists, including the monumental $600 million Ronin Bridge hack, underscores their significant impact on the cryptocurrency sector.

Taylor Monahan, developer at Metamask, highlighted the Orbit attack’s similarities to Lazarus Group’s modus operandi. This attack resulted in a loss of $81 million. Such activities have escalated international concerns over North Korea’s state-sponsored cyber crimes, prompting increased vigilance in the cryptocurrency community.

OFAC Responds to North Korean Cyber Crimes

The United States Treasury Department’s Office of Foreign Assets Control (OFAC) has taken significant steps in response to Lazarus Group’s actions. Following the Ronin Bridge incident, OFAC sanctioned, marking the first instance of such action against a crypto mixer. Tornado Cash and individuals connected to the Lazarus Group have faced similar sanctions.


The Lazarus Group’s return to activity concerns cybersecurity and digital finance development. Their ability to mobilize substantial assets across the blockchain underscores the ongoing challenges in tracking and countering state-sponsored cybercrime. With the group’s history of high-profile attacks, their recent transactions could be a prelude to more sophisticated and potentially disruptive cyber operations.

Personal Note From MEXC Team

Check out our MEXC trading page and find out what we have to offer! There are also a ton of interesting articles to get you up to speed with the crypto world. Lastly, join our MEXC Creators project and share your opinion about everything crypto! Happy trading! Learn about interoperability now!

Join MEXC and Start Trading Today!