The Argentine Federal Police (PFA) have apprehended a 29-year-old Russian national in Buenos Aires on charges of laundering cryptocurrency funds linked to the notorious North Korean hacker group, Lazarus.

This arrest followed an in-depth investigation by the San Isidro Specialized Fiscal Unit in Cybercrime Investigations (UFEIC), in collaboration with blockchain analysis firm TRM Labs. Despite the suspect’s use of an intricate network of blockchain transactions to conceal the origins of the assets, authorities were able to trace and identify him.

The suspect is accused of handling substantial amounts of stolen cryptocurrency from various illicit sources, including the Lazarus group, child abuse content distributors, and terrorism financiers. The funds were allegedly laundered through a series of crypto exchanges and tumblers, eventually being converted into fiat currency.

One significant transaction highlighted in the investigation involved the suspect processing approximately $100 million from the North Korean hackers, connected to the Harmony Horizon hack in June 2022. This hack was later attributed to the Lazarus group by the FBI in January 2023.

Buy Me A Coffee

The individual had reportedly set up a sophisticated money laundering operation in his Buenos Aires apartment, where numerous individuals were observed frequently entering and leaving, carrying briefcases, bags, and backpacks. These activities involved currency exchanges and cryptocurrency transfers. Additionally, it was revealed that the suspect had made over 1.3 million USDT purchases with Russian rubles and conducted 2,463 cryptocurrency transfers via Binance Pay, totaling over $4.5 million USDT.

READ
Microsoft Alerts on China-Based Quad7 Botnet Targeting SOHO Routers for Credential Theft

After evading detection for nearly a year by frequently changing his residence, the suspect was eventually located through intelligence provided by Binance. During the arrest, PFA agents seized all electronic devices found in the apartment, along with two cryptocurrency wallets containing a total of $15 million in assets connected to the suspect.

As investigations continue, it is noted that the Lazarus group has shifted to using a new cryptocurrency tumbler service named YoMix to launder their illicit proceeds, according to recent reports from Chainalysis.