The hackers behind the $305 million cryptocurrency exchange DMM Bitcoin hack in May have reportedly laundered more than $35 million at an online marketplace in Cambodia so far this month.

According to cryptocurrency sleuth ZachXBT, the funds have been laundered to Huione Guarantee, which operates in Cambodia and has been linked to the nation’s “ruling Hun family,” blockchain forensics firm Elliptic said in a July 10 post.

The marketplace has transacted $11 billion worth of crypto from hacks, pig butchering scams and other exploits, according to Elliptic.

“It is suspected that Lazarus Group is behind the hack due to similarities in laundering techniques and off chain indicators,” said ZachXBT.

Lazarus is moving millions from $305M DMM Bitcoin hack: ZachXBT image 0 Source: ZachXBT

The hackers have been depositing the stolen Bitcoin to privacy mixers, withdrawing that Bitcoin and bridging those funds to Ethereum or Avalanche via the cross-chain liquidity protocol THORChain.

ZachXBT said the funds are then converted into  USDT  and bridged to Tron before being transferred to Huione.

However, $28.2 million was blocked from being transferred to Huione after stablecoin issuer Tether blacklisted Tron wallet address “TNVaK…s4Ug8” on July 12.

This is the same wallet that extracted about $14 million from the DMM Bitcoin hack over the course of three days, ZachXBT noted.

Lazarus is moving millions from $305M DMM Bitcoin hack: ZachXBT image 1 Source: USDT/USDC Ban List

ZachXBT also  shared 538 wallet addresses linked to Lazarus Group, Huione and others linked to the DMM Bitcoin hack.

Related: UwU Lend hit by $20M crypto hack

Japan-based DMM Bitcoin lost $305 million in Bitcoin after a critical vulnerability was exploited. The vulnerability allowed the hackers to access DMM Bitcoin’s servers , causing an “unauthorized leak” of Bitcoin on May 30.

The cryptocurrency exchange raised $320 million about a week later to compensate users for the losses.

Over $1.4 billion worth of cryptocurrencies have been stolen so far in 2024, according to blockchain security firm Cyvers.

Centralized exchanges have become a main target for hackers, with losses increasing 900% over the last 12 months.

“This quarter has witnessed a significant shift in attack vectors, with centralized exchanges (CEX) bearing the brunt of major incidents, while decentralized finance (DeFi) protocols show improved resilience,” Cyvers said.

Magazine: Deposit risk: What do crypto exchanges really do with your money?