4,502.9 Bitcoins worth $305 million stolen from the Japanese crypto exchange DMM Bitcoin attracted the attention of cyber security experts and blockchain researchers after the attack.

Recently, it was reported that 500 Bitcoins were moved by a crypto address thought to be linked to this hack. This detection by PeckShield Alert shows that the mobility of stolen funds continues.

According to PeckShield Alert, the suspicious address moved 500 Bitcoins to two different addresses. These addresses, each receiving approximately 250 BTC, are considered as part of the strategy of dividing the hacked funds into smaller pieces and making them lose their traces.

These funds are believed to be part of the total 4,502.9 BTC stolen from DMM Bitcoin in May. While this amount was worth $305 million at the time of the hack, its value is around $274 million in current market conditions. DMM Bitcoin raised $320 million immediately following the attack and used those funds to compensate victims.

Cyber ​​security researcher ZachXBT claimed that the famous hacker group Lazarus, linked to North Korea, was behind this hacking attack. ZachXBT reached this conclusion by examining the techniques and off-chain indicators used by the Lazarus group in previous attacks.

Lazarus is a group known for its large-scale attacks in the cryptocurrency world, often laundering stolen funds through sophisticated methods. ZachXBT stated that this group divided the funds they stole from DMM Bitcoin into batches of 500 BTC and moved them to new wallets and used this method to cover their tracks.

The 500 BTC identified by PeckShield are among the last funds moved as part of this strategy. This shows that the attackers are still active and trying to hide the stolen funds by moving them.

In July, ZachXBT claimed that attackers moved approximately $35 million worth of Bitcoin to the Cambodia-based Huione Guarantee exchange. This exchange has been accused of laundering funds from crypto thefts and facilitating other illegal crypto transactions.

Huione frequently comes to the fore with allegations of links to cybercrimes and crypto scams. In July, Tether froze a Tron wallet thought to belong to Huione.

This wallet contained more than $28 million USDT, estimated to have been obtained from proceeds of crime. This move by Tether was considered an important step in the fight against illegal activities in the crypto world.

According to ZachXBT, DMM Bitcoin attackers first move stolen funds to privacy mixers and then pass them to Ethereum and Avalanche networks using bridging protocols such as THORChain.

In this process, the stolen cryptocurrencies are moved in different chains, their traces are lost, and then they are converted into Tether and transferred to the Tron network. In the final stage, these funds are deposited into stock exchanges such as Huione and laundered there.

The DMM Bitcoin hack once again revealed the security vulnerabilities of cryptocurrency exchanges and the complex strategies of hacker groups. Such attacks highlight the importance of stronger security measures and regulatory mechanisms in the cryptocurrency world.

At the same time, the traceability of blockchain technology and its role in the fight against cybercrime comes to the fore again with such events.