Inside the Lazarus Group money laundering strategy

Reported by CHRISTOPHER TEPEDINO

In the post-mortem of the $1.5 billion Bybit hack, two blockchain research organizations, Nansen and Chainalysis, have revealed the Lazarus Group’s money laundering strategy, which includes swapping illiquid assets for liquid assets, creating a complex money trail, and leaving certain wallets dormant until scrutiny dies down.

According to Nansen, the typical Lazarus Group strategy first involves swapping the illiquid assets into those that are more fungible and, therefore, easier to move. After the Bybit hack, the perpetrator converted at least $200 million in staked tokens into Ether, which can be moved much more easily onchain.

After this conversion from illiquid to liquid assets, the laundering process was carried out. To obfuscate the flow of funds, the hacker used a maze of intermediate wallets, creating a complex trail aimed at confusing trackers. According to Chainalysis, the funds were laundered through decentralized exchanges, crosschain bridges, and even instant swap services that do not require Know Your Customer (KYC) verification.

Much of the ETH was eventually swapped for Bitcoin and stablecoins such as Dai. In some cases, blockchain analysts were able to track these movements in real time. That allowed certain organizations running these decentralized protocols, such as Chainflip, to block the perpetrator’s attempt to launder the stolen funds.

Throughout the laundering process, the hacker kept breaking the stolen funds into smaller pools sent to a growing number of wallets.

Read full report: https://cointelegraph.com/news/inside-lazarus-group-money-laundering-strategy-bybit-hack
