In a latest improvement, North Korean hackers related to the infamous Lazarus Group have exploited the coin-mixing service Tornado Cash to launder roughly $12 million value of stolen Ethereum (ETH) inside the previous 24 hours.
The incident follows the theft of $100 million in cryptocurrency from the HTX crypto change and its HECO Bridge in November 2023, attributed to the Lazarus Group by blockchain analytics agency Elliptic and different specialists.
$100M Crypto Heist And Ethereum Laundering Uncovered
The Lazarus Group, a widely known cybercrime group believed to be backed by the North Korean regime, has an extended historical past of conducting high-profile hacking campaigns.
According to Elliptic’s newest crypto crime report, in November 2023, the infamous Lazarus Group allegedly orchestrated a significant heist focusing on the HTX crypto change and its cross-chain bridge, ensuing within the theft of $100 million in varied cryptocurrencies, together with Ethereum.
Evidence gathered by Elliptic and different specialists pointed to the involvement of the Lazarus Group primarily based on the modus operandi and subsequent motion of the stolen funds.
The investigation additional notes that, following their “usual pattern” of crypto-laundering, the hackers rapidly transformed the stolen tokens into Ethereum by decentralized exchanges (DEXs).
These illicitly acquired Ethereum funds remained dormant till just lately, on March 13, when the hackers started funneling them by Tornado Cash. Tornado Cash is a decentralized, sensible contract-based mixer beforehand sanctioned by the US Treasury in August 2022 for its affiliation with laundering $455 million from the Lazarus Group crypto hacks.
However, the decentralized nature of Tornado Cash’s operations has prevented it from being shut down like centralized mixers like Sinbad.io.
The Last Resort For Lazarus Group
According to the blockchain analytics agency, in response to the sanctions imposed on Tornado Cash, the Lazarus Group shifted its focus to utilizing cross-chain bridges and the Bitcoin-based mixer Sinbad.io instead.
However, in November 2023, Sinbad.io itself was seized by US authorities, eliminating one other commingling choice for the hackers. As a outcome, the group seems to have returned to Tornado Cash, utilizing its decentralized structure and resistance to raids to launder funds at scale and obscure its transaction path.
Ultimately, Elliptic means that the resurgence of the Lazarus Group’s reliance on Tornado Cash could be attributed to the “diminishing availability” of large-scale mixers resulting from regulation enforcement operations focusing on companies like Sinbad.io and Blender.io.
With fewer viable options, the group has capitalized on Tornado Cash’s continued operation regardless of sanctions, exploiting sensible contracts’ safety and decentralized nature on blockchain networks.
As of the time of writing, Ethereum is presently buying and selling at $3,870. Earlier this week, it reached a two-year high of $4,084; nevertheless, it didn’t maintain consolidation above this degree. Consequently, over the previous 24 hours, ETH has skilled a 2.5% decline in worth.
Featured picture from Shutterstock, chart from TradingView.com
