Circle accused of ‘extracting’ from Lazarus Group hacks, faces criticism from ZachXBT

Key Takeaways

  • Circle accused of profiting from transactions linked to North Korea’s Lazarus Group.
  • Lazarus Group allegedly laundered $200 million into stablecoins from 2020 to 2023.

Circle, the company behind the USDC stablecoin, faces criticism from blockchain investigator ZachXBT for its delayed response to blacklisting funds associated with the North Korean hacking group Lazarus.

ZachXBT alleges that Circle took over four months longer than other major stablecoin issuers to blacklist addresses linked to the Lazarus Group. The investigator claims this delay allowed Circle to profit from transactions associated with the notorious hacking group, which has been implicated in numerous high-profile crypto heists.

The accusations came in the wake of a recent hack on Indonesian crypto exchange Indodax, attributed to the Lazarus Group. The September 11 attack resulted in the theft of over $20 million, forcing the exchange to temporarily suspend operations.

Investigations reveal a disturbing trend of stablecoins being used to launder stolen funds. Evidence suggests the Lazarus Group managed to launder approximately $200 million from various crypto exploits into stablecoins, including USDT and USDC, between 2020 and 2023. This has raised concerns about the role of stablecoins in facilitating illicit activities and the responsibilities of issuers in preventing such use.

ZachXBT’s criticism extends beyond the recent incident, alleging a systemic failure by Circle to act promptly in cases of DeFi exploits and hacks. The investigator claims that despite having a large staff, Circle lacks an incident response team to handle issues arising from DeFi hacks or exploits. These accusations come amid intensifying discussions about stablecoin regulation and anti-money laundering efforts in the crypto space.

Major stablecoin issuers have blacklisted linked addresses

Recent updates from ZachXBT indicate that all four major stablecoin issuers – Paxos, Tether, Techteryx, and Circle – have now blacklisted two specific addresses associated with the Lazarus Group, freezing a total of $4.96 million. The addresses, 0x36f2D3871edd59d5C06DB8F0b12bE928d5922A70 and 0x12ED7f6ed0491678764c2b222A58452926E44DB6, held various stablecoins including USDT, BUSD, TUSD, and USDC.

According to the provided data, Circle was the last to act, blacklisting the USDC funds on September 14, 2024, nearly five months after other issuers took similar action. An additional $1.65 million has been frozen at various exchanges, bringing the total amount frozen as a result of the investigation to $6.98 million.

The on-chain sleuth has had a series of high-profile investigations, including the exposure of Martin Shkreli as the TrumpCoin creator, and tying a GCR account hack to a Solana meme coin team, among others.

Source: https://cryptobriefing.com/circle-lazarus-group-accusations/