Analysis of the lawsuit against Chinese OTC money changers: hackers laundered funds in three steps and successfully cashed out part of them

The PeckShield security team's analysis of the case of "two Chinese OTC money changers being sued by the United States" indicates that the incident unfolded roughly as follows. The North Korean hacker organization Lazarus Group first obtained the exchanges' private keys through phishing and attacked four exchanges, including Bithumb and Upbit. The hackers then used peel chains and other methods to transfer the stolen assets to four other exchanges, used the same method to move the assets into the exchange accounts of the two people responsible for the laundering, and finally converted them to fiat currency to complete the entire process. The US Department of Justice is suing Tian Yinyin and Li Jiadong, who are responsible for the money laundering.

The hackers divided the money laundering into three steps: 1. Disposal (placement) phase: placing the assets into the laundering system; 2. Segregation (layering) phase: layering and obfuscating the assets to escape tracking; 3. Merger (integration) phase: consolidating the assets and cashing out when the opportunity arises.

The PeckShield security team reconstructed the ins and outs of the OTC money changer laundering case by tracking and analyzing a large amount of on-chain data. The affected exchanges were Bter, Bithumb, Upbit, and Youbit. According to incomplete statistics, the loss was at least US $300 million. After the attack succeeded, the hackers carried out a professional, thorough, and complex decentralized money laundering operation in three steps and cashed out part of the funds.
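
A peel chain repeatedly splits a balance into a small "peeled" payment and a large change output that becomes the next hop. The sketch below shows one way an analyst can follow that pattern through on-chain data; it is an added example, not PeckShield's tooling or code from the original article, and the ledger, address names, amounts and 25% peel threshold are constructed assumptions.

```python
# Constructed sample ledger (not real chain data): spending address -> its outputs.
# Each peel hop pays a small amount to a deposit address and the rest to fresh change.
LEDGER = {
    "theft": [("hop1", 95.0), ("dep_A", 5.0)],
    "hop1":  [("dep_B", 4.0), ("hop2", 91.0)],
    "hop2":  [("hop3", 87.5), ("dep_A", 3.5)],
    "hop3":  [("mix1", 40.0), ("mix2", 47.5)],  # near-even split: not a peel
}

def follow_peel_chain(ledger, start, max_peel_ratio=0.25):
    """Walk forward from `start` while each spend has the peel shape:
    exactly two outputs, the smaller at most `max_peel_ratio` of the total.
    Returns ([(spender, peel_destination, amount), ...], address where the walk stopped)."""
    peels, current, seen = [], start, set()
    while current in ledger and current not in seen:
        seen.add(current)                      # guards against cycles in the data
        outputs = ledger[current]
        if len(outputs) != 2:
            break                              # fan-out or sweep: different pattern
        (small_addr, small), (big_addr, big) = sorted(outputs, key=lambda o: o[1])
        if big <= 0 or small / (small + big) > max_peel_ratio:
            break                              # split too even to be a peel
        peels.append((current, small_addr, small))
        current = big_addr                     # the change output carries the chain on
    return peels, current

def cluster_peels(peels):
    """Sum peeled amounts per destination; repeated destinations across hops
    are the deposit addresses worth reporting to the receiving exchange."""
    totals = {}
    for _, dest, amount in peels:
        totals[dest] = totals.get(dest, 0.0) + amount
    return totals

if __name__ == "__main__":
    peels, stopped_at = follow_peel_chain(LEDGER, "theft")
    for spender, dest, amount in peels:
        print(f"{spender} peeled {amount} to {dest}")
    print("chain stops at", stopped_at, "| totals:", cluster_peels(peels))
```
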