Link copied 
A recently uncovered cryptocurrency laundering scheme has revealed connections to high-profile digital currency thefts. Security analysts from Match Systems delved deep into this online underworld and pinpointed an individual believed to be selling pilfered cryptocurrency tokens.
Their investigation began in the summer of 2023 when several significant cryptocurrency breaches occurred. These digital heists shared identical tactics, leading the investigative trail to a sole operator. Using Telegram, a messaging platform, the individual in question was reportedly offering these stolen tokens at 3% below the market rate.
Once the Match Systems researchers made contact with this person, they received a small amount of cryptocurrency as a sign of authenticity. That transaction allowed the team to confirm that the individual was overseeing an address containing a staggering $6 million in various digital currencies.
Interestingly, the transactions took place through a specially designed bot on Telegram. Once the investigators got in touch, they were informed that the current batch of stolen tokens was already sold. They were also tipped off about an upcoming sale in a few weeks, indicating a continuous flow of such illicit activities.
Although the Match Systems experts couldn't determine the identity of this dealer, they've surmised that the person operates within the European time zone. This deduction was made from various timestamps on the received data.
The individual's conduct was noted to be unpredictable, often leaving conversations abruptly with casual reasons. The person's modus operandi included providing a 3.14 TRX transaction as an authenticity check. Payments for these discounted stolen tokens were usually made in Bitcoin.
Further information indicated that he had previously traded $6 million in TRON tokens. His latest offerings included a mix of $50 million in TRX, Ether, and Binance Smart Chain tokens.
Another security firm, CertiK, tracked stolen assets from an operation termed the 'Stake heist,' which saw about $4.8 million from a $41 million haul being moved around using various methods.
The FBI has since named the North Korean Lazarus Group as the main players behind the Stake attack. Interestingly, the $55 million CoinEx theft also had ties to this group, according to the cybersecurity firm SlowMist.
However, there seems to be a slight deviation in methodologies between the CoinEx and Stake hacks when compared to typical Lazarus operations. Lazarus's modus operandi previously didn't focus on countries within the Commonwealth of Independent States, but these latest breaches show active laundering in such regions.
Lazarus hackers, known for leaving little to no traces, appeared to be sloppy in these recent operations, leaving several clues. Furthermore, while they often exploited mathematical weaknesses in systems, this summer's attacks leaned more towards social engineering.
Final insights reveal that North Korean cybercriminals have allegedly pilfered about $47 million in cryptocurrency in 2023 alone.
