📰 Table Of Contents
- 1 North Korean Lazarus Group Shifts to YoMix as Alternative Mixer
- 1.1 Chainalysis Report on North Korean Lazarus Group’s Money Laundering Tactics
- 1.2 Surge in YoMix Usage and Adoption by Cybercriminals
- 1.3 Adoption of Cross-Chain Bridges and Decline in Popularity of Mixing Services
- 1.4 Concentration of Illicit Funds and Diversification of Money Laundering Activities
- 1.5 Regulatory Efforts and Sanctioning of Crypto Mixer Sinbad
North Korean Lazarus Group Shifts to YoMix as Alternative Mixer
After sanctions were imposed on Tornado Cash and Sinbad was shut down following similar actions against the platform, Chainalysis revealed that YoMix, a Bitcoin mixer, has stepped in as an alternative for the North Korean Lazarus Group. Recent discoveries by the blockchain analysis firm show that a wallet linked to North Korean hacking operations received funds from YoMix, whereas it used to receive funds from Sinbad.
Chainalysis Report on North Korean Lazarus Group’s Money Laundering Tactics
On Thursday, the leading blockchain analytics firm, Chainalysis, revealed in a report that North Korean hackers associated with the notorious Lazarus Group have shifted to employing novel money laundering techniques and are increasingly utilizing cross-chain bridges to obfuscate the origins of illicitly obtained cryptocurrency funds.
Surge in YoMix Usage and Adoption by Cybercriminals
Chainalysis noted a significant surge in funds flowing into YoMix throughout 2023, with inflows increasing fivefold. Approximately one-third of these funds originated from wallets associated with crypto hacks, indicating a significant reliance on the mixer by illicit actors seeking to obfuscate the origins of their funds.
Adoption of Cross-Chain Bridges and Decline in Popularity of Mixing Services
In addition to adopting new mixing protocols, Lazarus Group hackers have also embraced the use of cross-chain bridges, which allow for the seamless transfer of cryptocurrency across different blockchain networks. Chainalysis reported that bridging protocols have become increasingly popular among cybercriminals.
Concentration of Illicit Funds and Diversification of Money Laundering Activities
While the concentration of illicit funds remains significant, with 109 exchange deposit addresses receiving over $10 million each and a total of $3.4 billion laundered in 2023, Chainalysis noted that crypto criminals are diversifying their money laundering activities across multiple addresses and services to evade detection and mitigate the risk of asset freezing.
Regulatory Efforts and Sanctioning of Crypto Mixer Sinbad
Instead, centralized exchanges continue to be the primary destination for illicit funds, with 71.7% of all illicit funds flowing to just five centralized platforms in 2023. Much of this is likely due to law enforcement and regulatory efforts, such as the sanctioning and shutdown of mixer Sinbad in November 2023.