Lazarus Group Re-branding Blender Coin Mixer to Launder Crypto

• North Korean hacking group, Lazarus, is allegedly using a new crypto mixer called Sinbad to launder stolen funds.
• According to Elliptic and Yonhap, Lazarus is linked to the Reconnaissance General Administration in North Korea.
• Chainalysis also believes that more than $24 million has been sent through Sinbad from hacks attributed to Lazarus.

North Korea’s Lazarus Allegedly Using Crypto Mixer

North Korea’s alleged cybercrime group, Lazarus, has apparently turned to a new crypto mixer known as Sinbad in order to launder stolen funds. According to the blockchain analytics firm Elliptic and South Korean news agency Yonhap, the group is affiliated with North Korea’s Reconnaissance General Administration. The United States and South Korea have blamed this organization and its affiliated groups for multiple high-level crypto hacks.

Why Is It Believed That North Korean Hackers Use Coin Mixers?

Security providers and government agencies believe that Pyongyang-linked groups have used coin mixers for anonymizing transactions in order to build up a vast fortune of cryptocurrency which is then used to fund their costly missile programs. Last year, Blender was hit with sanctions from the US State Department due to its use of laundering money stolen by North Korea; however it shut down in April 2022 leaving behind around $22 million worth of Bitcoin (BTC).

Rebranding Blender as Sinbad

Elliptic claims that Blender has since “re-launched” under the new name of Sinbad and had laundered close to $100 million worth of Bitcoin from hackings attributed by Lazarus. Furthermore, Chainalysis stated that more than $24 million was sent through Sinbad from these same hackings.

What Is A Coin Mixer?

Coin mixers are services which are used for anonymizing blockchain transactions; they make it hard for instigators or investigators trace back where coins were originally sent from making it difficult see whether coins obtained illegally have been transferred elsewhere or swapped for cash. According to Elliptic research, Sinbad was released in early October last year and despite its small size quickly became popular among those involved with Lazarus Group who had already laundered tens of millions of dollars through Blender prior its shutdown.


In conclusion, it appears that North Korean hackers are using coin mixers such as Sinbad as a way of laundering money obtained through illegal activities without being traced back by security providers or government agencies – allowing them continue funding expensive missile programs without detection or consequence