Stablecoin providers Tether and Circle have taken decisive action against wallets linked to the notorious North Korean hacker group Lazarus Group, blacklisting addresses that hold a combined $4.96 million in various stablecoins, including USDT, USDC, TUSD, and BUSD. So far, approximately $6.98 million connected to the Lazarus Group has been frozen, demonstrating the evolving efforts to combat crypto-related illicit activities.
Stablecoin Providers Target Lazarus Group Wallets
The Lazarus Group, infamous for its involvement in large-scale cyberattacks, has suffered a significant blow after Tether and Circle blacklisted their wallet addresses. This information was shared by on-chain researcher ZachXBT, detailing the recovery of frozen funds. Lazarus Group was most recently associated with the hacking of the Indodax crypto exchange.
According to ZachXBT, Tether, Circle, Paxos, and Techteryx have blacklisted two wallets connected to the hacker group. These addresses contained $4.96 million in various stablecoins such as USDT, USDC, BUSD, and TUSD.
Efforts to Freeze and Recover Stolen Funds
The on-chain investigator revealed that several exchanges have taken steps to freeze an additional $1.65 million held by the hackers. In total, $6.98 million linked to the Lazarus Group has been frozen. Stablecoins are becoming increasingly popular among crypto hackers for laundering stolen assets, as noted by ZachXBT. Between 2020 and 2023, Lazarus Group reportedly converted $200 million from various crypto exploits into stablecoins.
Partnerships and Initiatives in Fighting Crypto Crime
In response to ongoing concerns over illegal activities, Tether has recently teamed up with Tron and TRM Labs to establish the T3 Financial Crimes Unit. This initiative is focused on preventing illicit activities involving USDT. According to Tether, the T3 unit has already frozen over $12 million in USDT connected to fraud and criminal activity.
The Lazarus Group’s Connection to the Indodax Hack
The Lazarus Group is also believed to be behind the hack of the Indonesian crypto exchange Indodax, where over $20 million was stolen. Yosi Hammer, head of AI at Cyvers, noted that the method used in the attack bore similarities to previous exploits carried out by the North Korean hacker group.
The hack led Indodax to temporarily shut down its platform on September 11 for a comprehensive investigation. Three days later, the exchange announced the resumption of operations, gradually reopening deposit, withdrawal, and staking functions to ensure a secure user experience.
Ongoing WazirX Hack Situation
Lazarus Group isn’t the only hacker group under scrutiny. On-chain analysis provider SpotOnChain revealed that the perpetrator behind the WazirX exploit still holds $83 million worth of Ethereum. This amount represents 55% of the stolen assets. Last week, the hacker moved an additional 20,000 ETH (worth approximately $46.97 million) to the mixer service Tornado Cash, bringing the total laundered amount to 27,600 ETH (worth $65.5 million).
The latest actions taken by stablecoin providers highlight the increasing measures to combat illicit activities in the crypto space. By blacklisting hacker-controlled addresses and freezing assets, companies like Tether and Circle are making it significantly more difficult for groups like Lazarus to profit from their malicious activities. Although challenges remain, these efforts represent a proactive stance toward creating a safer and more transparent crypto ecosystem.