Korean group Lazarus uses Bitcoin mixer for money laundering: industry report

Lazarus from North Korea Using Bitcoin Mixer to Launder Stolen Funds

A collective of hackers known as Lazarus, originating from North Korea and specializing in cryptocurrency thefts, has recently turned to using the bitcoin mixer YoMix to launder stolen funds. This shift in strategy comes as a response to recent sanctions imposed on many bitcoin mixer services that Lazarus previously relied on.

Rise in Lazarus Activity on YoMix

According to a report by the blockchain analysis firm Chainalysis, since the beginning of 2023, YoMix has seen a significant increase in funds flowing through, not due to the service’s own popularity surge but rather to the intensified activity of Lazarus.

Funding Operations Through Money Laundering

The money laundering actions by Lazarus are just one aspect of their operations. These funds not only finance the collective’s operations but also serve as a source of funding for North Korea’s weapons development program.

Cryptocurrency Thefts by North Korean Hacker Groups

Between the years 2017-2023, hacker groups from North Korea, such as Lazarus, Kimsuky, and Andariel, have stolen an estimated $3 billion in cryptocurrencies, marking a significant portion of the global cybercrime landscape.

Sanctions on Platforms Used by Lazarus

Institutions like the OFAC have identified and imposed sanctions on certain platforms used by Lazarus for money laundering, including Blender, Tornado Cash, and Sinbad, leading to a shift in tactics by the hacker collective.


The use of bitcoin mixers to launder stolen cryptocurrencies by hacker groups from North Korea, like Lazarus, poses a serious challenge for governments and financial monitoring institutions. Cryptocurrency crime is evolving rapidly, requiring a continual adaptation of anti-criminal methods.