Last updated:
Circle, the issuer of the USDC stablecoin, is facing scrutiny from blockchain investigator ZachXBT for its delayed action in blacklisting funds tied to the North Korean hacking group Lazarus.
ZachXBT alleges that Circle took more than four months longer than other major stablecoin issuers to block addresses linked to the notorious group, which has been involved in several high-profile cryptocurrency thefts.
The criticism follows a hack on September 11 targeting the Indonesian crypto exchange Indodax, reportedly orchestrated by the Lazarus Group.
The attack resulted in the theft of over $20 million, leading Indodax to suspend operations temporarily.
Use of Stablecoins in Laundering Stolen Funds
The hack has reignited concerns about the use of stablecoins in laundering stolen funds, particularly by cybercriminals like the Lazarus Group.
According to investigations, the Lazarus Group has laundered an estimated $200 million from various crypto-related hacks into stablecoins, including USDT and USDC, between 2020 and 2023.
These findings have raised alarms about the role of stablecoins in facilitating illegal activities and the responsibility of issuers like Circle to prevent such misuse.
ZachXBT’s accusations against Circle go beyond the Lazarus-linked hack, suggesting a broader failure to act swiftly in responding to DeFi hacks and exploits.
Despite having substantial resources and staff, Circle is alleged to lack a dedicated incident response team to handle such situations effectively.
The investigator’s claims come amid growing calls for stronger regulation of stablecoins and heightened anti-money laundering measures in the crypto industry.
Recent updates from ZachXBT indicate that all four major stablecoin issuers—Paxos, Tether, Techteryx, and Circle—have now blacklisted two addresses tied to the Lazarus Group.
These addresses, 0x36f2D3871edd59d5C06DB8F0b12bE928d5922A70 and 0x12ED7f6ed0491678764c2b222A58452926E44DB6, held stablecoins like USDT, BUSD, TUSD, and USDC.
The total value of frozen assets stands at $4.96 million, with Circle being the last to act, blacklisting the funds on September 14, 2024—nearly five months after the other issuers.
In total, $6.98 million has been frozen, including an additional $1.65 million seized at various crypto exchanges.
ZachXBT, known for his high-profile investigations, has previously exposed Martin Shkreli as the creator of TrumpCoin and tied a hack of a GCR account to a Solana meme coin team.
Crypto Projects Lost $310M to Scams in August
As reported, August saw a surge in crypto-related scams, with a staggering $310 million lost to various exploits, making it the second-highest monthly total this year.
However, $10.3 million of the stolen assets were eventually recovered or returned, leaving the net loss at $300.6 million.
Phishing incidents emerged as the most damaging, accounting for approximately $293 million of the total losses.
Two particularly large-scale phishing attacks resulted in the theft of $238 million in Bitcoin and $55 million in DAI stablecoin.
Aside from phishing, other notable losses in August included attacks on several crypto projects.
For instance, the Ronin Network, an Ethereum Virtual Machine (EVM)-based sidechain, was exploited by a white hat hacker on August 6, resulting in the theft of 4,000 ETH, valued at $9.85 million at the time.
Additionally, flash loan attacks, though still concerning, resulted in relatively lower losses of $1.2 million in August compared to previous months.
In contrast to the rise in phishing and other forms of exploitation, exit scams saw a significant decline, with losses dropping to $800,000 in August, down from around $3 million in July.