Blockchain investigator ZachXBT shared seven wallet addresses containing 891.13 Bitcoin, which have ties to the infamous North Korean hacking group Lazarus. 

On May 21, the crypto investigator shared the addresses on X. This follows the blockchain sleuth’s research on the hacker group that led to $3.8 million in digital assets being frozen by the authorities.

At the time of writing, the crypto wallets identified by ZachXBT still hold the amounts flagged by the cryptocurrency investigator.

On April 29, ZachXBT published an in-depth analysis of how the state-backed hacker group laundered $200 million from over 25 hacks since 2020.

The investigator determined that the hackers used peer-to-peer (P2P) marketplaces and crypto-mixing services to exchange the stolen crypto for fiat.

ZachXBT said that at least $44 million were laundered using the Paxul and Noones P2P marketplaces. The usernames “EasyGoatfish351” and “FairJunco470” displayed deposits and trading volumes that matched the stolen funds.

ZachXBT’s analysis also highlighted that the stolen digital assets were exchanged into Tether (USDT) before being converted into fiat and withdrawn.

Related: North Korea used Tornado Cash to siphon HTX’s $147.5M loot: UN

Lazarus Group became active again earlier this year after being inactive for some time. On Jan. 8, the North Korean hackers moved $1.2 million in stolen digital assets from a mixer and sent some of the funds to an inactive wallet.

The group transferred 27.37 Bitcoin (BTC), worth $1.2 million at the time, in two transfers from what analysts determined to be a crypto mixer. After withdrawing the funds, the hackers moved 3.343 BTC, worth $150,582, to an address they used before.

On April 24, the hackers were spotted using the professional social media platform LinkedIn to target vulnerable users using malware attacks.

Blockchain security firm Slowmist flagged the attack and explained that Lazarus Group hackers were pretending to apply for blockchain developer jobs within the crypto ecosystem to access confidential employee credentials.

The Lazarus Group continues to be one of the most notorious criminal organizations targeting the crypto space. In the six years leading to 2023, the group stole more than $3 billion in digital assets.

The $1.7 billion stolen amount in 2022 alone surpasses North Korea’s total annual income from exports by almost 10 times.

Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis