Lazarus Group laundered $200M from 25 crypto hacks to fiat

Original Article ↗ Hacker News Discussion ↗

How Lazarus Launders Crypto

  • Several comments debate how $200M in stolen crypto can be turned into usable cash despite traceability.
  • Suggested techniques:
    • Mixers and privacy coins (Monero, Zerocoin), then gradual off‑ramping via exchanges, multiple accounts, and small tranches.
    • Using shady casinos in weakly regulated countries to convert to “gambling winnings” for a fee.
    • Launching new tokens, creating liquidity pools, pumping with dirty funds, and exiting with “legitimate” speculative gains.
  • Skeptics argue modern chain analysis can flag simple schemes, but others note prosecutions tend to hit only low‑OPSEC actors.

KYC/AML, Blacklists, and Banking vs Crypto

  • Some say KYC/AML has tightened (sanctions on mixers, more chain analysis, more checks in traditional finance), making older laundering routes less viable.
  • Others argue:
    • Crypto services still often operate on “assumed clean unless blacklisted,” which is easy to exploit.
    • Traditional banks launder vastly larger sums and pay periodic fines; the system remains opaque and complicit.
  • Disagreement over blacklist vs whitelist:
    • One view: finance mostly blacklists suspicious actors after the fact.
    • Another: in practice, there is a “soft whitelist” requiring repeated source‑of‑funds proofs.

Critiques of KYC and Money-Laundering Laws

  • Some see KYC as a tool enabling extra‑legal discrimination and de‑banking without due process.
  • Others respond that KYC is a necessary tradeoff to curb crime, terrorism financing, and sanctions evasion.
  • One long critique claims money-laundering statutes mostly:
    • Fail against sophisticated criminals using fronts.
    • Hit innocent or naive users via over‑broad rules and false positives.

North Korea, Sanctions, and the Internet

  • Multiple comments note the main policy concern is not the $200M itself but funding a sanctioned regime with nuclear ambitions.
  • Debate over whether the US could or should cut North Korea off the internet:
    • Technically hard due to land links via China/Russia and potential wireless/satellite workarounds.
    • Politically risky (escalation with China/Russia; precedent of weaponizing connectivity).
    • Some argue intelligence value in leaving NK online outweighs disruption benefits.

Other Threads

  • Discussion of:
    • Why Lazarus apparently did not use Monero (reasons unclear; some blame ecosystem isolation).
    • Metamask compromise via remote access and extension replacement.
    • Broader complaints about global corruption, real‑estate laundering, and geopolitical blowback from US interventions.