Chainalysis attributed the 2020 KuCoin exchange hack, involving roughly $275 million in stolen cryptocurrency, to Lazarus Group based partly on laundering patterns previously associated with the North Korean actor. The report says the attackers gained access to KuCoin hot-wallet private keys and then moved portions of the stolen funds through structured mixer payments, OTC brokers, and exchange deposit addresses. A notable change was Lazarus Group’s use of DeFi services such as Uniswap to swap stolen tokens, including LINK into ETH, without a custodial intermediary or KYC process. The activity showed Lazarus adapting laundering methods as exchanges and governments increased pressure on addresses tied to earlier cryptocurrency thefts.