BleepingComputer reports that mounting sanctions against various bitcoin mixing services have prompted North Korean hacking collective Lazarus Group to transition to the YoMix bitcoin mixer for its money laundering activities.
Funds sent to YoMix spiked during the second quarter of 2023 and persisted until the end of year, with most of the growth attributed to crypto hack proceeds, a report from Chainalysis revealed. "The growth of YoMix and its embrace by Lazarus Group is a prime example of sophisticated actors' ability to adapt and find replacement obfuscation services when previously popular ones are shut down," said Chainalysis. The findings also showed that while nearly 72% of illicit funds have been funneled to only five fiat off-ramping services, money laundering has become more diverse at the deposit address level likely in a bid to bypass detection. Researchers also found a significant increase in cross-chain bridge usage despite reductions in flagged crypto wallet addresses and funds from flagged addresses that were sent to mixers.
Funds sent to YoMix spiked during the second quarter of 2023 and persisted until the end of year, with most of the growth attributed to crypto hack proceeds, a report from Chainalysis revealed. "The growth of YoMix and its embrace by Lazarus Group is a prime example of sophisticated actors' ability to adapt and find replacement obfuscation services when previously popular ones are shut down," said Chainalysis. The findings also showed that while nearly 72% of illicit funds have been funneled to only five fiat off-ramping services, money laundering has become more diverse at the deposit address level likely in a bid to bypass detection. Researchers also found a significant increase in cross-chain bridge usage despite reductions in flagged crypto wallet addresses and funds from flagged addresses that were sent to mixers.