The
North Korean-linked Lazarus Group has been linked to the theft of approximately $900 million in cryptocurrency between July 2022 and July 2023. Cross-chain crime, which involves converting crypto assets from one token or blockchain to another, has become a lucrative method for money laundering for crypto thefts. Elliptic reports that Lazarus Group's use of cross-chain bridges contributed to a 111% increase in the proportion of funds sent via such services. The North Korean hacking crew is estimated to have stolen nearly $240 million in cryptocurrency since June 2023, following a series of attacks targeting Atomic Wallet ($100 million), CoinsPaid ($37.3 million), Alphapo ($60 million), Stake.com ($41 million), and CoinEx ($31 million).


North Korean cyber espionage group, Lazarus, has been linked to the use of Avalanche Bridge to deposit over 9,500 bitcoins and employ cross-chain solutions to move plundered assets. The group performs all three pillars of cybercriminal activities: cyber sabotage, cyber espionage, and the pursuit of financial gain. South Korea's National Intelligence Service (NIS) has warned of North Korea attacking its shipbuilding sector since the start of the year. The hacking methods used by North Korean hacking organizations include occupying and bypassing IT maintenance companies' PCs and installing malicious code after distributing phishing emails to internal employees. The group's activities have no legitimate business purpose other than to obfuscate their origin.