Lazarus Group Launders $1.5 Billion in Crypto Through Black U Mixer

Coin WorldWednesday, Jun 18, 2025 5:33 am ET
2min read

The Lazarus Group, a notorious hacking collective linked to North Korea, has been identified as using the Black U Mixer to launder stolen cryptocurrency. This

comes from crypto investigator ZachXBT, who noted that illicit laundering networks and small over-the-counter (OTC) brokers have successfully laundered funds stolen in several recent hacks attributed to the Lazarus Group. The group has reportedly laundered over $1.5 billion through various channels, with ZachXBT's analysis tracking over $200 million across 25 hacks since August 2020. Primary assets include ETH, BTC, and ERC-20 tokens.

The funds, allegedly stolen in hacks including the Bybit incident, are being laundered through OTC brokers, mixers, and P2P exchanges. This series of actions has not caused any immediate Total Value Locked (TVL) drops in DeFi protocols, although liquidity anomalies in meme coins are noticeable. Affected parties include exchanges and brokers who have become unwitting accomplices in these activities. The impact extends to both financial and regulatory spheres, prompting discussions on tightening anti-money laundering practices. Meme coins have experienced unusual trading volumes as laundering occurred. Immediate effects on the broader markets have been contained, but the call for improved AML and tracking measures is growing.

The FBI acknowledges Lazarus Group's role and underscores the need for heightened surveillance of cryptocurrency activities. Analysts anticipate wider moves to regulate mixer services and exchanges involved. Efforts to counteract these laundering channels could entail increased market volatility, reflective of past incidents involving the Lazarus Group. The Lazarus Group's tactics include using various methods to launder stolen funds, such as chain hopping, crypto mixers, peer-to-peer (P2P) platforms, and small virtual asset service providers (VASPs).

In February, the Lazarus Group hacked one of ByBit’s suppliers to secretly alter the digital wallet address for a transfer of 401,000 Ethereum. The group was accused of not stopping criminals from cashing out more than $90 million through the platform. This raised questions about whether North Korea had expanded its laundering capacity, as criminal financial networks have never moved that quickly to process funds. The Lazarus Group's use of the Black U Mixer and other sophisticated laundering techniques underscores the need for increased vigilance and cooperation among global financial regulators. The group's ability to launder stolen funds through various methods highlights the challenges faced by law enforcement agencies in tracking and recovering illicitly obtained cryptocurrency.

As the crypto industry continues to evolve, it is crucial for exchanges and other service providers to implement robust anti-money laundering (AML) measures to prevent the misuse of their platforms for illicit activities. The Lazarus Group's activities have been a significant concern for global financial regulators. In March 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Chinese nationals, Tian Yinyin and

Jiadong, for laundering over $100 million in stolen funds linked to the Lazarus Group. This action underscored the U.S. government's commitment to protecting the global financial system from cyber-crime. The Lazarus Group's laundering activities impact global cryptocurrency markets and highlight risks in cybercrime tactics. Industry leaders demand enhanced security and AML protocols.