North Korean hackers, associated with the Lazarus Group, reportedly laundered around $12 million worth of stolen Ethereum through the coin-mixing service Tornado Cash within the past 24 hours. This exploitation comes in the wake of the Lazarus Group's involvement in the theft of $100 million from the HTX crypto exchange in November 2023.
Lazarus Group Steals $100M from HTX Exchange
The Lazarus Group, a cybercrime organization believed to have ties to the North Korean regime, orchestrated a significant heist in November 2023, targeting the HTX crypto exchange and its cross-chain bridge. The stolen funds, including Ethereum, amounted to $100 million, according to reports by blockchain analytics firm Elliptic.
Lazarus Group Utilizes DeFi Platforms to Launder Stolen Ethereum via Tornado Cash
Following their typical pattern, the hackers swiftly converted the stolen tokens, including Ethereum, into other cryptocurrencies through decentralized exchanges (DEXs). Subsequently, the illicitly acquired Ethereum remained dormant until March 13, when the hackers began laundering the funds through Tornado Cash.
Lazarus Group Pivots to Tornado Cash After Seizure of Bitcoin Mixer Sinbad.io
In response to sanctions on Tornado Cash, the Lazarus Group explored alternative options such as cross-chain bridges and the Bitcoin-based mixer Sinbad.io. However, Sinbad.io was seized by US authorities in November 2023, leaving Tornado Cash as a primary laundering method due to its decentralized nature and resistance to shutdowns.
Lazarus Group Turns Back to Tornado Cash Amid Reduced Availability of Major Mixers Following Sinbad.io and Blender.io Crackdown
Elliptic suggests that the Lazarus Group's renewed reliance on Tornado Cash stems from the decreasing availability of large-scale mixers, following law enforcement operations targeting services like Sinbad.io and Blender.io.