Introduction: Uncovering the Allegations
On October 23, blockchain investigator ZachXBT made a startling revelation on social media platform X. He identified Yicong Wang, a Chinese over-the-counter (OTC) trader, who operates under several aliases, including ‘Seawang,’ ‘Greatdtrader,’ and ‘BestRhea977.’ Wang has allegedly played a significant role in laundering millions of dollars in cryptocurrency stolen by the infamous Lazarus Group, which is linked to North Korea.
Wang’s Involvement in Cryptocurrency Laundering
ZachXBT’s investigation revealed that Wang has been involved in laundering cryptocurrency since 2022. His method primarily involved converting stolen funds into cash through bank transfers. The inquiry was initiated after a trader reported that their account was frozen following a peer-to-peer transaction with Wang. This prompted a deeper investigation, which established a connection between Wang and a series of stolen funds from high-profile hacks.
High-profile Hacks and Laundering Techniques
Among the notable findings, it was revealed that Wang facilitated the laundering of $17 million associated with over 25 hacks linked to the Lazarus Group. This illicit activity was traced back to an Ethereum address that had been partially blacklisted by Tether in November 2023, resulting in the freezing of 374,000 USDT (Tether’s stablecoin).
After the blacklisting, further funds were laundered through Tornado Cash, a service that obscures the origins of cryptocurrency transactions. Large amounts of ETH were subsequently withdrawn and consolidated into another wallet. Additionally, in December 2023, Wang orchestrated the transfer of $45,000 to the Tron blockchain, dispersing it across several addresses directly associated with him.
Connections to Major Hacks
Wang’s wallet activity indicated extensive ties to Lazarus Group operations, including the notorious $4.5 million hack of Alex Labs in May 2024, along with other substantial breaches involving Irys, EasyFi, Bondly, and Maverick.
Notably, despite Wang being banned from platforms like Paxful and Noones for his involvement in laundering operations under multiple aliases, he has reportedly adapted by conducting his business offsite. ZachXBT emphasized that on-chain data reflects that Wang has remained active in assisting the Lazarus Group in recent weeks, despite the mainstream crackdown.
The Lazarus Group’s Escalating Threat
The Lazarus Group has gained notoriety in the cryptocurrency world for executing numerous high-profile hacks, including the staggering $625 million exploit of the Ronin blockchain. The U.S. Federal Bureau of Investigation (FBI) issued a warning in early September regarding the group’s sophisticated social engineering tactics, which they use to exploit decentralized finance (DeFi) and cryptocurrency companies.
The FBI’s notice from September 3 outlined that these malicious actors have been stealing funds by performing in-depth research on cryptocurrency-linked exchange-traded funds (ETFs). Moreover, previous reports from ZachXBT indicated that between 2020 and 2023, the Lazarus Group laundered over $200 million from more than 25 crypto hacks.
Conclusion: A Continual Threat in the Crypto Space
Since its emergence in 2009, the Lazarus Group has stolen more than $3 billion in cryptocurrency assets by 2023, asserting its position as one of the most notorious hacking groups in the digital asset space. As investigations continue, the spotlight remains on individuals like Yicong Wang, whose actions highlight the ongoing challenges and vulnerabilities within the cryptocurrency ecosystem.