The well-known Lazarus Group first acquires gift cards for stolen cryptocurrency, and then buys digital assets back.
North Korean hackers use gift cards to launder stolen cryptocurrencies. This is the conclusion made by the cybersecurity specialists of BAE Systems and the Society for Worldwide Interbank Financial Telecommunications (SWIFT).
In the study “Follow the Money”, experts analyzed common methods of laundering stolen assets. The scale of fraudulent activities with cryptocurrencies turned out to be much less than illegal operations with fiat. At the same time, traditional assets are more often laundered through electronic payments rather than cash.
One of the most famous hacker groups, the Lazarus Group, prefers to steal cryptocurrency in large quantities. They often target digital asset exchanges as victims. After the theft, the hackers, according to the researchers, begin to “stratify” the stolen goods. To do this, they distribute small portions of the total across the trading platforms.
The Lazarus Group traces lead to North Korea. It is noteworthy that according to open sources, there are no BTC miners in the country.
The authors of the review are sure that scammers use the services of intermediaries. They hire people who have registered addresses to store digital assets. For help in hiding the stolen funds, accomplices receive part of the illegal income.
Often, North Korean hackers launder assets through gift cards. First, scammers purchase gift cards of a certain denomination for stolen bitcoin, and then use the cards to buy back the cryptocurrency.
There are services on the network that allow you to exchange almost any gift card for bitcoin.
Lazarus Group also launders money by making transactions with stolen assets on special marketplaces where verification or participation of banks is not required. All transactions are peer-to-peer.
Recall that in the fall of 2019, information appeared on the network that North Korea was developing its own version of bitcoin. According to experts, it will help the country bypass the pressure of Western sanctions.
In 2020, American regulators were interested in the theft of cryptocurrency by North Korean hackers. The report of US Army said about 6000 North Korean hackers working for its country.
Recently, the US Department of Justice asked the court to seize digital assets from the wallets of North Korean hackers.