A recent $305 million hack of DMM Bitcoin, linked to North Korea’s Lazarus Group, saw $35 million laundered through Cambodia’s Huione Guarantee. The firm, connected to Cambodia’s ruling family, underscores the complexities and regulatory challenges in the cryptocurrency space. This incident highlights the need for robust international cooperation and adaptive regulatory frameworks to combat emerging financial crimes.

According to new revelations, more than $35 million from the $305 million theft of the Japanese cryptocurrency exchange DMM Bitcoin was tracked back to Huione Guarantee, a Cambodian corporation. The breach, alleged to be carried out by North Korea’s Lazarus Group, has shed light on hackers’ elaborate and methodical laundering procedures. 

The DMM Bitcoin breach on May 31, 2024, caused a $305 million loss, upsetting the cryptocurrency sector. ZachXBT, an on-chain investigator, was instrumental in finding the trail of $35 million in stolen payments that were funnelled through Huione Guarantee. This Cambodian corporation, a subsidiary of Huione Pay, has received a lot of attention because of its relationship with Hun To, the cousin of Cambodia’s Prime Minister, Hun Manet. The breach has been linked to the notorious Lazarus Group, a North Korean cybercrime group known for its sophisticated operations. ZachXBT and TRM Labs found commonalities in laundering strategies and off-chain signs linked to the Lazarus Group, emphasising the systematic nature of the laundering process.

The Role of Huione Guarantee

Huione Guarantee is more than just a payment system; it plays an essential role in laundering criminal funds. Huione Pay operates as an escrow service, facilitating transactions on its platform. Corporate papers show Hun To’s direct involvement, implying a longstanding relationship with Cambodia’s political elite. This connection raises significant concerns regarding the possibility of state-sponsored or tolerated criminal actions. Huione Guarantee’s network includes thousands of Telegram groups that provide services ranging from money laundering to building fraudulent websites. The company’s involvement in the DMM Bitcoin breach emphasises its role as a critical node in laundering stolen cryptocurrency.

The laundering procedure used in the DMM Bitcoin attack shows North Korean cybercriminals’ highly systematic and inventive techniques. Ari Redbord of TRM Labs described the breach as having all the characteristics of a classic North Korean operation, including the massive scale of the theft and the structured laundering procedure.

A significant innovation in this case was the employment of a new mixer, which differed from those generally employed by the Lazarus Group. This shift is most likely a reaction to rising penalties, criminal proceedings, and the closure of several mixers, which have hindered traditional money-laundering routes. The adaptability and growth of these approaches underscore the difficulties regulatory and law enforcement organisations encounter in fighting such sophisticated operations.

Broader Implications

The involvement of a Cambodian company in such a large cryptocurrency scam operation has far-reaching consequences. Huione Guarantee’s ties to Cambodia’s royal family point to either collaboration or, at the very least, carelessness in dealing with these unlawful activities. This connection raises concerns about the integrity of financial systems in nations with less severe regulatory frameworks. The disclosure of Huione Guarantee’s $11 billion scam operation, linked to Cambodia’s political elite, calls into question the country’s commitment to tackling financial crime. The Cambodian government’s response to these claims will be essential in deciding the country’s future position in the global economic system.

Elliptic’s on-chain investigation has shown solid proof of Huione Guarantee’s involvement in laundering criminal monies. According to the firm’s study, a large amount of the $11 billion going through Huione Guarantee’s wallets is associated with unlawful operations. This conclusion was supported by Tether’s recent decision to freeze $30 million in USDT on Tron addresses related to the Huione Guarantee. The research revealed a clear path for the DMM Bitcoin funds, including a mixer, conversion to USDT, and subsequent transfer to the Huione Guarantee. This thorough on-chain proof emphasises the need for heightened monitoring and regulatory control in cryptocurrency to prevent large-scale illegal operations.

The Role of Web3 Technologies in Facilitating Scams

The emergence of Web3 technologies has created both innovation and new obstacles in the digital realm. In the case of the DMM Bitcoin breach, Web3 technology played two roles. On the one hand, they provide increased privacy and decentralised operations, critical for genuine users who want more control over their assets and data. On the other hand, malevolent actors might use these qualities to allow intricate money laundering schemes and avoid discovery.

Huione Guarantee’s activities demonstrate how Web3 can be exploited. The startup uses blockchain technology to provide escrow services, ostensibly for genuine transactions. Yet, on-chain analysis tells a different reality, with the platform significantly involved in criminal activity. Blockchain technology’s anonymity and decentralisation make it impossible for authorities to track and halt these operations properly.

The case of Huione Guarantee demonstrates the importance of robust regulatory frameworks that can adapt to the changing technological landscape. While Web3 provides users with greater autonomy and privacy, it also requires better oversight and novel regulatory ways to prevent exploitation. The combination of advanced analytics and blockchain intelligence technologies, such as those employed by TRM Labs and Elliptic, is critical for identifying and managing risks.

 

Kelly
Kelly

Kelly has carved a niche in the dynamic world of Web3 over the past three years, combining her talents in marketing and writing to become a standout Web3 copywriter. Her journey in this innovative field is distinguished by her profound engagement with the decentralized technology landscape. Kelly’s creative prowess, coupled with her deep understanding of Web3, enables her to create compelling narratives that resonate deeply within the blockchain community. Beyond writing, Kelly’s marketing acumen has been instrumental in elevating various Web3 marketing projects, making them prominent in the realm of digital innovation.