Lazarus Group is described as a North Korean state-backed operation under the Reconnaissance General Bureau, functioning as a revenue-generating arm rather than an independent hacking collective. The excerpt says DPRK-linked actors have stolen an estimated $6.71 billion across about 270 incidents by early 2026, with annual crypto theft rising from roughly $810 million in 2022 to $2.02 billion in 2025. The Bybit case is presented as a major example: the FBI attributed the $1.5 billion Ethereum theft to TraderTraitor, a Lazarus sub-cluster, after attackers compromised a Safe contributor machine and manipulated frontend transaction details shown to signers. The laundering pattern described involves rapid swaps to ETH, fragmentation through bridges such as THORChain and Chainflip, and eventual exits through OTC desks or dormant wallets that later interact with DeFi protocols.