USDC issuer group accused of “profiting” from Lazarus Group hack

USDC issuer Circle is facing serious allegations after blockchain investigator ZachXBT accused the company of allegedly “profiting” from transactions related to the North Korean hacker group Lazarus. ZachXBT, known for his investigative work in the Web3 space, criticized Circle and its CEO Jeremy Allaire on social media platform X. The criticism came in response to the failure to blacklist wallets involved in illegal activities in a timely manner.

USDC issuer faces backlash

According to ZachXBT, Circle delayed blocking funds associated with the Lazarus Group by 4.5 months compared to other major stablecoin issuers. He also expressed frustration with Circle's apparent inaction in preventing the group from using its platform for money laundering.

“You have not been blacklisted once following a DeFi exploit/hack, despite there being plenty of time while you continue to profit from the transactions,” ZachXBT wrote. These allegations come after the USDT issuer, along with other stablecoin issuers, blacklisted two wallet addresses linked to the Lazarus Group.

The group, notorious for its involvement in numerous crypto hacks, is suspected of recently carrying out an attack on the Indonesian crypto exchange Indodax. The hack occurred on September 11. This fiasco resulted in the theft of more than $20 million from the exchange, causing it to be temporarily shut down while the damage was assessed.

Later, the Indodax exchange reopened for transactions, with deposit, withdrawal, and staking services gradually restored. ZachXBT's findings showed that four major stablecoin issuers have blacklisted two addresses associated with Lazarus Group. These include Tether, Circle, Paxos, and Techteryx.

These wallets contain a total of $4.96 million spread across several stablecoins, including USDT, USDC, BUSD, and TUSD. In addition, $1.65 million belonging to the hackers was frozen by various crypto exchanges as part of an ongoing investigation. Thus, a total of $6.98 million was frozen from the wallet addresses associated with the group.

Brief history of the Lazarus Group attacks

Moreover, this is not the first time that the Lazarus Group has been linked to large-scale crypto thefts. ZachXBT had previously reported that the North Korean hackers laundered around $200 million from various exploits into stablecoins such as USDT and USDC between 2020 and 2023.

Furthermore, this latest incident further highlights the role that stablecoins play in money laundering schemes in the crypto space. In the meantime, other stablecoin issuers have taken more proactive steps to combat illicit activities.

Tether recently partnered with Tron and TRM Labs to create the T3 Financial Crime Unit, a task force dedicated to combating fraud and other illegal activities related to USDT. According to Tether, the T3 unit has already frozen more than 12 million USDT linked to fraud and fraudulent operations.

The USDC issuer has yet to respond directly to ZachXBT's allegations. On the other hand, discussions on stablecoin regulation and anti-money laundering are intensifying. This comes against the backdrop of growing concerns about the use of digital assets for illegal activities by state-backed hacker groups such as Lazarus.