Match Systems, a blockchain analytics company, has revealed that it is looking for a person connected to a cryptocurrency laundering scheme involving tokens taken in recent high-profile exchange hacks. These disclosures occur as the cryptocurrency sector battles an increase in security flaws and fraud.
In the summer of 2023, Match Systems started looking into a number of large cryptocurrency exchange hacks that seemed to have similar traits and techniques. These inquiries ultimately directed them to a person who is accused of using peer-to-peer transfers to sell stolen bitcoin tokens at a discount.
The blockchain security firm managed to identify and establish contact with this individual via the messaging app Telegram. They confirmed that the user controlled an address containing over $6 million worth of cryptocurrencies, following a small transaction from the corresponding address.
![Beware of Discounted Tokens Stolen in CoinEx and Stake Hacks image 19](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-19.png?resize=835%2C919&ssl=1)
![Beware of Discounted Tokens Stolen in CoinEx and Stake Hacks image 19](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-19.png?resize=835%2C919&ssl=1)
The exchange of stolen assets was facilitated through a Telegram bot specifically created for this purpose, offering a 3% discount off the market price of the tokens. Subsequent interactions with the individual revealed that the initial assets offered had been sold, with new tokens becoming available approximately three weeks later.
Match Systems could not fully ascertain the identity of the individual but narrowed down their location to the European time zone. They suspect that this person, although not part of the core hacking team, has some association with them and may have been de-anonymized as a guarantee that they won’t misuse the stolen assets.
Interestingly, the individual exhibited erratic behavior during their interactions, often leaving conversations abruptly with excuses like “Sorry, I must go; my mom is calling me to dinner.”
This Telegram user typically offered a 3% discount and accepted Bitcoin (BTC) as payment for the discounted stolen tokens. Previous transactions included the sale of $6 million worth of TRON (TRX) tokens. The latest offering from this user listed stolen tokens worth $50 million, including TRX, Ether (ETH), and Binance Smart Chain (BSC) tokens.
Notably, the analysis conducted by Match Systems suggests some variations in the methodologies used in the CoinEx and Stake hacks compared to previous Lazarus Group attacks. While the FBI attributed the Stake attack to North Korean Lazarus Group hackers and SlowMist linked the CoinEx hack to the same group, Match Systems detected differences.
![Beware of Discounted Tokens Stolen in CoinEx and Stake Hacks image 20](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-20.png?resize=843%2C1057&ssl=1)
![Beware of Discounted Tokens Stolen in CoinEx and Stake Hacks image 20](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-20.png?resize=843%2C1057&ssl=1)
They found that earlier Lazarus Group hacks did not involve Commonwealth of Independent States (CIS) nations like Russia and Ukraine, whereas the 2023 summer hacks involved active laundering of stolen funds in these regions. The recent incidents also left more digital footprints for investigators to follow, and social engineering was identified as a prominent attack vector, whereas Lazarus Group typically targeted “mathematical vulnerabilities.”
Despite these differences, some key similarities persisted. In all these hacks, stolen assets were primarily stored in BTC wallets, and token laundering was facilitated through the Avalanche Bridge and mixers. Additionally, North Korean hackers have stolen an estimated $47 million worth of cryptocurrency in 2023, further underscoring the need for heightened security measures in the cryptocurrency industry.
As cryptocurrency-related crimes continue to evolve, the role of blockchain analytics firms like Match Systems becomes increasingly crucial in detecting and mitigating fraudulent activities within the digital asset space.
ALSO READ
- North Korean Hackers Hit Stake, Steal $41M in Crypto
- CoinEx exchange hacked, over $27M in crypto stolen