North Korean Hackers Reportedly Embrace YoMix for Money Laundering
It’s fine to celebrate success, but it is more important to heed the lessons of failure. — Bill Gates
Ah, the notorious North Korean hacker collective Lazarus Group is at it again, embracing the YoMix mixer for money laundering. The audacity! It seems they’ve switched gears from using the Sinbad mixer to the YoMix Bitcoin mixer to wash their ill-gotten gains. Oh, the irony!
You see, the Lazarus Group has a long and colorful history of pulling off some of the most audacious crypto heists in recent memory. They’ve made a habit of targeting a smorgasbord of crypto firms, leaving chaos and financial ruin in their wake. But now, they’ve taken their shenanigans to the YoMix mixer, determined to cover their tracks and muddy the waters.
This revelation comes from none other than blockchain analytics firm Chainalysis, which uncovered the Lazarus Group’s money laundering operations on YoMix. It’s like a game of cat and mouse, with hackers resorting to novel techniques and increasingly using cross-chain bridges to obfuscate the origins of their stolen crypto assets. It’s a classic case of ‘out with the old, in with the new’.
Chainalysis’ report made it crystal clear that there has been a substantial surge of funds flowing through the YoMix mixer, with a five-fold increase in inflows. And here’s the kicker — over one-third of these funds originated from wallets associated with crypto hacks. It’s a clear indication that bad actors are relying on YoMix to cover their tracks.
It’s a testament to the adaptability of threat actors in the face of evolving security measures. The closure of popular avenues has only spurred them on to find new ways to carry out their illicit activities. Chainalysis also noted a shift towards less centralized money laundering practices at the deposit level, while activities have become more centralized at the service level. It’s a game of whack-a-mole, with bad actors spreading their activities across multiple services or deposit addresses.
But wait, there’s more! The Lazarus Group isn’t just content with switching mixers; they’ve also started using cross-chain bridges to facilitate the seamless movement of funds through different blockchain networks. Chainalysis revealed that in 2023, bad actors transferred a whopping $743.8 million worth of crypto from addresses associated with hacks using these cross-chain bridges. This is double the figure from the previous year.
Despite the overall decrease in the total amount of funds laundered compared to the previous year, the use of cross-chain bridges and other obfuscation techniques remains a popular choice among cybercriminals. Chainalysis observed a general decline in the popularity of mixing services, with a significant drop in the amount of crypto flowing through these services compared to the previous year. The decline has been attributed to law enforcement and regulatory efforts, including the sanctioning and shutdown of the Sinbad mixer in November 2023.
So, there you have it. The Lazarus Group’s escapades with YoMix and cross-chain bridges are a clear illustration of the cat-and-mouse game between cybercriminals and law enforcement. It’s a constant battle of wits and resources, with each side striving to outmaneuver the other. The only certainty in this ongoing saga is that the crypto world will continue to witness such high-stakes dramas. Till then, we watch and wait for the next twist in this gripping tale of hackers and heists.