Tether and Circle Blacklist Lazarus Group Wallets Holding $4.96 Million in USDT

• Stablecoin issuers Tether and Circle have blacklisted wallet addresses linked to the North Korean hacker group, Lazarus Group.
• These wallet addresses contain $4.96 million in various stablecoins including USDT, Circle, TUSD, and BUSD.
• To date, $6.98 million have been frozen from addresses connected to the Lazarus Group.

Recent measures by stablecoin issuers against North Korean hacker group demonstrate the evolving efforts to combat crypto-related illicit activities.

Stablecoin Issuers Target Lazarus Group Wallets

The North Korean hacker group, Lazarus, has recently faced a significant setback as both Tether and Circle have blacklisted their wallet addresses. The revelation came from on-chain investigator ZachXBT, who detailed the extent of funds recovered thus far. Lazarus Group is infamously known for its extensive crypto-related illicit activities, most recently suspected in the hack of the Indodax crypto exchange.

ZachXBT confirmed via an X post that Tether, Circle, Paxos, and Techteryx have blacklisted two wallet addresses associated with the hacker group. These addresses housed $4.96 million in a mix of USDT, USDC, BUSD, and TUSD stablecoins.

Efforts to Freeze and Recover Stolen Funds

The on-chain investigator further disclosed that several exchanges have taken steps to freeze an additional $1.65 million owned by the hackers. Combined, a total of $6.98 million has been frozen from wallets linked to the Lazarus Group. Stablecoins have increasingly become the medium of choice for crypto hackers looking to launder stolen assets, a trend highlighted by ZachXBT. Between 2020 and 2023, the Lazarus Group reportedly converted $200 million from various crypto exploits into stablecoins.

Partnerships and Initiatives to Combat Crypto-Related Crimes

In light of ongoing concerns regarding illicit activities, Tether recently joined forces with Tron and TRM Labs to establish the T3 Financial Crime Unit. This initiative focuses on clamping down on illegal activities involving the USDT stablecoin. According to Tether, the T3 unit has already frozen over $12 million in USDT linked to scams and fraudulent activities.

Lazarus Group Implicated in Indodax Hack

The Lazarus Group is also suspected to be behind the hack on the Indonesian crypto exchange Indodax, where over $20 million was stolen. Yosi Hammer, Head of AI at Cyvers, noted that the attack’s methodology bears similarities to previous exploits carried out by the North Korean hacker group.

The hack compelled Indodax to temporarily shut down its platform on September 11 as they conducted a comprehensive investigation. After about three days, the exchange reassured its users that operations could resume. The platform has since gradually reopened deposit, withdrawal, and staking features to ensure a smooth and secure user experience.

The Ongoing WazirX Hacker Situation

The Lazarus Group is not the only hacking entity under scrutiny. On-chain analytics provider SpotOnChain recently revealed that the hacker responsible for the WazirX exploit still holds $83 million worth of Ethereum. This amount represents 55% of the total stolen assets. Over the past week, the hacker transferred an additional 20,000 ETH (valued at approximately $46.97 million) to the mixer service Tornado Cash, taking the total laundered amount to 27,600 ETH ($65.5 million).

Conclusion

The recent efforts by stablecoin issuers demonstrate the increasing measures being taken to combat illicit activities in the crypto space. By blacklisting hacker-linked addresses and freezing assets, firms like Tether and Circle aim to make it significantly harder for groups like Lazarus to profit from their malicious activities. While the challenges remain substantial, these actions signify a proactive stance toward a more secure and transparent crypto ecosystem.