North Korea's Lazarus Group Uses Tornado Cash to Launder $150M in Stolen Crypto: UN Report
Summary:
A leaked United Nations report reveals North Korean hackers, known as the Lazarus Group, laundered $150 million in stolen cryptocurrency assets using the privacy protocol Tornado Cash. The funds were illicitly extracted from HTX, a crypto exchange owned by Tron founder Justin Sun. The UN is presently investigating 97 North Korean cyberattacks that syphoned about $3.6 billion worth of cryptocurrencies from 2017 to 2024. Alexey Pertsev, the developer of Tornado Cash, was recently sentenced to over five years in prison for laundering $1.2 billion worth of illicit assets, with implications for open-source developers.
In a damning leak from a secret United Nations (UN) report, it has been revealed that North Korean proxies carried out a crypto cleaning operation using Tornado Cash, a privacy protocol, to launder close to $150 million in stolen cryptocurrency assets in March. The notorious cyber-attackers, known as the Lazarus Group, successfully relocated a significant haul of idle stolen cryptocurrencies back to North Korea. During a massive cyber-heist in March 2023, these hackers illicitly snatched $147.5 million worth of cryptocurrencies from Justin Sun's crypto exchange, HTX. Following a year, these funds found their way back to North Korea, thanks to Tornado Cash.
Tornado Cash and other crypto mixing services are a favorite amongst malicious actors, as they allow for anonymization of stolen cryptocurrency assets, making them essentially untraceable. Reuters' access to the UN report mentioned that there are currently 97 North Korean cyber-assaults under investigation, responsible for siphoning off about $3.6 billion in cryptocurrencies from 2017 to 2024. In 2024 alone, the UN probed "11 instances of cryptocurrency theft... amounting to $54.7 million." These heists were likely conducted by IT professionals from the Democratic People's Republic of Korea (DPRK), unwittingly hired by smaller crypto-centric firms.
Despite the US imposing sanctions on Tornado Cash in 2022 for allegedly assisting North Korea to sidestep cross-border remittance restrictions, the protocol's creators continued to deny their involvement for over two years. However, on May 14, Alexey Pertsev, the developer behind Tornado Cash, was found guilty of money laundering, a verdict which can have significant consequences for open-source code developers. Pertsev received a prison term of five years and four months for reportedly laundering $1.2 billion worth of illicit assets through his platform. His legal team was given a fortnight to appeal the judgment.
Tornado Cash isn't exclusively used by North Korean proxies; it's the prime choice of hackers worldwide for moving stolen funds. Blockchain detective firm, PeckShield, discovered on May 14 that $53 million worth of stolen Ether linked to the colossal $100 million Poloniex breach had been funneled through Tornado Cash. The hacker responsible relocated over 17,800 ETH from six separate wallets into a single Tornado Cash account.
Published At
5/15/2024 3:27:13 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.