ZachXBT Uncovers Chinese OTC Trader’s Involvement in Lazarus Group Hacks

In a startling revelation, blockchain investigator ZachXBT has linked Chinese over-the-counter (OTC) trader Yicong Wang to the laundering of over $17 million in stolen cryptocurrency for North Korea’s infamous Lazarus Group. This investigation, made public on October 23, highlights the ongoing challenges in combating crypto-related crimes and the intricate web of illicit transactions that facilitate them.

The Investigation Unfolds: Who is Yicong Wang?

ZachXBT’s inquiry into Wang’s activities began after a trader reported their account being frozen following a peer-to-peer transaction with him. This led to a deeper investigation that uncovered Wang’s involvement in laundering operations since 2022. Operating under various aliases, including ‘Seawang,’ ‘Greatdtrader,’ and ‘BestRhea977,’ Wang has been a key player in converting stolen cryptocurrency into cash through bank transfers.

The investigation revealed that Wang was not just a minor player; he was deeply entrenched in the operations of the Lazarus Group. The group has been linked to numerous high-profile hacks, and Wang’s wallet activity shows extensive connections to these operations.

• Key Findings:
  • Over $17 million laundered from 25 Lazarus-related hacks.
  • Funds funneled through a partially blacklisted Ethereum address.
  • Connections to major hacks, including Alex Labs and EasyFi.

This extensive network of illicit transactions underscores the challenges law enforcement faces in tracking and prosecuting those involved in crypto crimes.

The Mechanics of Money Laundering

Wang’s laundering methods are particularly concerning. After the Ethereum address he used was blacklisted by Tether in November 2023, freezing 374,000 USDT, he shifted tactics. The remaining funds were laundered through Tornado Cash, a service known for its ability to obscure transaction trails. Large sums of ETH were withdrawn and consolidated into another wallet, allowing Wang to continue his operations despite increased scrutiny.

In December 2023, Wang moved $45,000 to Tron, splitting it across several addresses directly linked to him. This pattern of behavior illustrates a calculated approach to evade detection while continuing to facilitate the Lazarus Group’s operations.

• Notable Hacks Linked to Wang:
  • $4.5 million hack of Alex Labs in May 2024.
  • Involvement in hacks targeting Irys, EasyFi, and Bondly.

Wang’s ability to adapt and continue his operations offsite, despite being banned from platforms like Paxful, highlights the persistent nature of crypto crime and the need for robust measures to combat it.

The Broader Implications of Lazarus Group’s Activities

The Lazarus Group, tied to North Korea, has been a significant threat in the crypto space, linked to numerous high-profile hacks, including the $625 million exploit of the Ronin blockchain. The group’s sophisticated methods, including elaborate social engineering schemes, have made them a formidable adversary for law enforcement agencies worldwide.

In early September, the FBI issued a warning about the group’s activities, emphasizing their focus on decentralized finance (DeFi) and cryptocurrency companies. The FBI’s notice detailed how these malicious actors conducted extensive research on cryptocurrency-linked exchange-traded funds (ETFs) to execute their schemes.

• Lazarus Group’s Criminal Record:
  • Over $200 million laundered from 25 crypto-related hacks between 2020 and 2023.
  • Stolen over $3 billion in crypto assets from 2009 to 2023.

The ongoing activities of the Lazarus Group and their connections to traders like Wang illustrate the urgent need for enhanced security measures and international cooperation to combat crypto-related crimes.

The Fight Against Crypto Crime: A Continuous Battle

As the investigation into Yicong Wang and the Lazarus Group unfolds, it becomes clear that the fight against crypto crime is far from over. The intricate methods employed by these criminals pose significant challenges for investigators and regulators alike.

ZachXBT’s work sheds light on the importance of transparency and accountability in the cryptocurrency space. As more individuals and organizations become aware of the risks associated with crypto transactions, the hope is that enhanced security measures will emerge to protect users and deter illicit activities.