North Korea's Lazarus Group Resumes Laundering Stolen Funds via Tornado Cash Amidst Sanctions
Summary:
Despite sanctions, North Korea's Lazarus Group has resumed using Tornado Cash to launder funds obtained through hacking, according to data from analytics firm Elliptic. Since March 13, the group has transferred $12M stolen from the HTX cryptocurrency exchange and its cross-chain platform, HTX Eco Chain, to Tornado Cash. Tornado Cash, a crypto-mixing privacy tool that runs on the Ethereum blockchain, has been sanctioned for allegedly laundering over $1B in illicit funds, including funds tied to the Lazarus Group. Authorities have also been clamping down on crypto mixers and their developers for various associated crimes.
North Korea's Lazarus Group has resumed using Tornado Cash to launder money obtained from hacking, despite the sanctions against the cryptocurrency mixer. Blockchain activity recently detected by analytics company Elliptic shows transfers of cryptocurrency totaling $12 million from Lazarus hackers to Tornado Cash since March 13. The funds were stolen in November from the HTX cryptocurrency exchange and its cross-chain platform, HTX Eco Chain (HECO). The HTX exchange lost $30 million from its hot wallets in a cyberattack on November 22, and the HECO Chain suffered a theft of $86.6 million on the same day. The stolen funds were converted into Ether (ETH) using decentralized exchanges and remained inactive until this week. A graphic shows the movement of stolen funds from HTX/HECO to Tornado Cash.
Tornado Cash is a decentralized, noncustodial privacy tool built on the Ethereum blockchain. The mixer uses smart contracts to accept ETH and ERC-20 token deposits from one address and then allows a different address to withdraw them. In August 2022, the U.S. Treasury Department sanctioned the platform for reportedly facilitating the laundering of over $1 billion in illicit funds, some of which were associated with the Lazarus Group.
Despite the sanctions, Tornado Cash is still operational. Unlike centralized mixers such as Sinbad.io, it cannot easily be taken down because it runs as smart contracts on a decentralized blockchain, Elliptic explained. After losing access to other mixers, the Lazarus Group has apparently shifted back to Tornado Cash. Following the sanctions, the hackers primarily used cross-chain bridges and the Bitcoin mixer Sinbad for money laundering. However, Sinbad was seized by Finnish authorities in November 2023 after U.S. sanctions were implemented, eliminating another mixer for the hackers. In May 2022, the U.S. government cracked down on crypto mixers by shutting down the Blender platform.
Developers of cryptocurrency mixers are also in the authorities' crosshairs. Roman Storm and Alexey Pertsev, the developers of Tornado Cash, have been arraigned on multiple charges by U.S. authorities, including conspiracy to commit money laundering, violating sanctions, and running an unauthorized money transmission business. In a related case, the founder of Bitcoin Fog, another crypto mixer, was found guilty of money laundering on March 12.
Published At
3/14/2024 11:49:23 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.