The Office of Foreign Assets Control (OFAC) of the US Treasury Department recently added 20 BTC addresses to its blacklist. The addresses are tied to Lazarus Group, a cybercrime gang linked to the North Korean regime.
New update on the SDN list
The 20 Bitcoin addresses sanctioned by the OFAC have been added to the Specially Designated Nationals (SDN) list. The addresses are connected with two individuals, Yinyin Tian and Jiadong Li, who are accused of having links to the infamous cybercrime group Lazarus Group. This group is known to have ties with the government of North Korea.
It has previously been accused of stealing over half a billion dollars in cryptocurrencies. Group-IB, a cybersecurity vendor, claimed that the group had targeted 14 different cryptocurrency exchanges in the last two years. The latest action by the OFAC is a result of a hack on a crypto exchange in April 2018. The authorities have not named the exchange in their press release.
Documents provide proof against two sanctioned individuals
A grand jury indictment unsealed on Monday has charged the two sanctioned individuals with conspiracy to launder money and operate an unlicensed money transmission business. The indictment was flagged by Seamus Hughes from the George Washington University. A separate in rem forfeiture document suggests that the US government wants to seize cryptocurrencies held in 113 different Bitcoin addresses. This document, also unsealed on Monday, alleges that the two individuals laundered the “bulk of the stolen BTC.”
The forfeiture document lists $234 million in stolen crypto, which includes popular cryptocurrencies like Bitcoin, Ether, Litecoin, XRP, Dogecoin, Zcash and Ethereum Classic. The proceeds from the crypto exchange hacks were laundered using peel chains. In a peel chain, funds are moved repeatedly from one crypto address to the next. Each time the funds move to a new address, a portion is sent to a separate wallet while the bulk is passed on to the next wallet in the chain. The Litecoin in question could not be laundered properly and remained in the same addresses it was initially sent to.
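The peel chain pattern described above can be followed programmatically by an investigator. The sketch below is an added example, not taken from the indictment or the forfeiture document: the ledger is constructed, each transaction is simplified to a single source address, and the names and the `min_ratio` threshold are assumptions.

```python
from collections import namedtuple

# Constructed sample ledger (not real transactions): each tx spends one
# address and pays its outputs, as in the peel chain pattern described above.
Tx = namedtuple("Tx", "txid src outputs")  # outputs: list of (address, amount_btc)

SAMPLE_TXS = [
    Tx("t1", "A0", [("A1", 95.0), ("P1", 5.0)]),
    Tx("t2", "A1", [("P2", 4.0), ("A2", 91.0)]),
    Tx("t3", "A2", [("A3", 88.0), ("P3", 3.0)]),
    Tx("t4", "A3", [("X1", 45.0), ("X2", 43.0)]),  # even split: not a peel
    Tx("t5", "B0", [("B1", 10.0)]),                # unrelated transfer
]

def trace_peel_chain(txs, start, min_ratio=5.0, max_hops=1000):
    """Follow the bulk output hop by hop; return (hops, peels, stop_reason).

    A hop counts as a peel when the spending tx has exactly two outputs and
    the larger is at least min_ratio times the smaller (assumed threshold).
    """
    by_src = {}
    for tx in txs:
        by_src.setdefault(tx.src, []).append(tx)
    hops, peels, seen, current = [start], [], {start}, start
    for _ in range(max_hops):
        spends = by_src.get(current, [])
        if len(spends) != 1:
            return hops, peels, "unspent" if not spends else "multiple spends"
        tx = spends[0]
        if len(tx.outputs) != 2:
            return hops, peels, "not two outputs"
        (small_addr, small), (big_addr, big) = sorted(tx.outputs, key=lambda o: o[1])
        if small <= 0 or big / small < min_ratio:
            return hops, peels, "no dominant output"
        if big_addr in seen:  # guard against looping back into the chain
            return hops, peels, "cycle"
        peels.append((tx.txid, small_addr, small))
        hops.append(big_addr)
        seen.add(big_addr)
        current = big_addr
    return hops, peels, "max hops"

if __name__ == "__main__":
    hops, peels, reason = trace_peel_chain(SAMPLE_TXS, "A0")
    print(" -> ".join(hops), "| stopped:", reason)
    for txid, addr, amount in peels:
        print(f"  {txid}: peeled {amount} BTC to {addr}")
```

The peeled-off addresses collected at each hop are the ones an analyst would then check against known exchange deposit addresses.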
The document further states that the defendants sold some of the cryptocurrency to customers based in the US and used an American exchange to facilitate some transactions. It also names a South Korean exchange. According to a press release from the US Department of Justice (DoJ), the funds laundered by the two individuals helped North Korean actors launch hacking campaigns against financial industry participants. The co-conspirators in this case are allegedly connected to a $48.5 million crypto hack from a South Korean exchange.