The post Lazarus Group Shifts Focus to Retail Investors – $5.2M+ in Crypto Stolen from One Trader appeared on BitcoinEthereumNews.com.

Lazarus Group hit an individual trader for over $5.2 million using malware wallet exploits. They laundered 1,000 ETH via Tornado Cash and split millions into various Ethereum wallets. North Korea’s Lazarus Group is suspected of having made a large theft of over $5.2 million in cryptocurrency from one trader on May 24. The attacker used a vulnerability in the malware to drain the balance from multiple wallets, such as exchange wallets, externally owned accounts (EOAs), and multisignature wallets. Blockchain analyst ZackXBT confirmed the breach via his Telegram channel after he had identified three Ethereum addresses that had been used in the heist. The incident marks a shift in Lazarus’s interest since it telegraphs an increasing trend of hitting lesser-known, independent traders rather than well-known institutions or wealthy individuals. The group laundered assets of about 1,000 ETH through Tornado Cash, a service that is commonly utilized in order to obscure the sources of stolen assets. The assets were sold shortly after the process of laundering, demonstrating the group’s fast turnaround in capitalizing on stolen funds. Lazarus-style Tactics Emerge Again One of the Ethereum accounts associated with the attack had approximately $2.7 million of DAI, the most predominant of the stolen assets. A second account, which is likely to be freshly created, had nine transactions throughout the weekend but transferred over 200 ETH to a single central wallet. The third account had slightly over 40 ETH and small balances in other tokens, amounting to about $1,340. These activities resemble approaches outlined in a TRM Labs study. The paper outlined how Lazarus exports technical abilities with the help of networks of Russian and Chinese actors to convert the stolen crypto into usable assets. The research depicts a system in which stolen assets are sanitized and sold through decentralized networks and over-the-counter networks. Another…

---

Filed under: News - @ May 29, 2025 9:29 am