Growing Collaboration between DPRK Hackers and Russian Exchanges
In an alarming development, North Korean hacker groups have been intensifying their use of Russia-based crypto exchanges to launder stolen cryptocurrencies. As international monitoring of the DPRK’s on-chain crimes tightens, the hackers have turned to Russian services, which they have actively used for laundering since 2021.
Recent Developments Unveiled by Chainalysis
On September 14th, blockchain forensics firm Chainalysis revealed in a blog post that nearly $22 million in crypto, pilfered from the Harmony Protocol in June 2022, had been moved to a Russia-based exchange notorious for facilitating illicit transactions. The Harmony Protocol had been exploited for approximately $100 million in cryptocurrency in that incident.
While the exchange remains unnamed, Chainalysis maintains that there is substantive evidence pointing to the active utilization of Russian services by DPRK entities for laundering cryptocurrency over the past two years. They emphasized, “This latest action marks a significant escalation in the partnership between the cyber underworlds of these two nations.”
Mounting Concerns Over Russia’s Non-Cooperation
A significant cause for concern is Russia’s stance of non-cooperation with international law enforcement agencies, which severely diminishes the prospects of recovering stolen cryptocurrencies once they enter Russian exchanges. The hackers have adopted a strategy of dispersing the illicit crypto across different deposit addresses at one particular Russia-based exchange, thereby complicating tracking efforts.
The Role of the Lazarus Group and Garantex Exchange
Earlier, in June 2023, blockchain analysis firm Elliptic identified the notorious Lazarus Group, affiliated with North Korea, as being involved in transferring crypto assets stolen from Atomic Wallet to Garantex, an exchange facing OFAC sanctions. Despite the gravity of the accusations, Garantex has refrained from making any public comments on the incident to date.
The emerging trend of DPRK hacker groups leaning on Russian exchanges to launder stolen cryptocurrencies marks a dangerous escalation in the cyber underworld dynamics of the two nations. As international agencies grapple with this rising threat, the need for decisive action and coordinated efforts becomes increasingly pressing to curb the proliferation of such illicit partnerships. The global community awaits responses and measures from pertinent bodies to tackle this daunting challenge effectively.