North Korea's Lazarus Group Back to Laundering with Sanctioned Tornado Cash

Sentiment: Neutral

In a bold move, hackers affiliated with North Korea's notorious Lazarus Group have resumed their utilization of Tornado Cash, a crypto mixing service, for laundering stolen cryptocurrency. Despite sanctions imposed by the United States, blockchain analytics firm Elliptic has detected suspicious on-chain activities, amounting to over $12 million in stolen funds transferred to Tornado Cash wallets since March 13th.

Hack Origins

The stolen funds trace back to a November 2023 cyberattack targeting the HTX crypto exchange and the HECO blockchain bridge, resulting in the theft of $30 million from HTX's hot wallets and $86.6 million from the HECO Chain on the same day.

The stolen funds were initially converted to Ethereum (ETH) through decentralized exchanges and lay dormant until their recent laundering attempts.

Tornado Cash operates as a privacy tool on the Ethereum blockchain, allowing users to obscure the source and destination of their crypto transactions through smart contracts, making it an attractive option for money laundering purposes.

Sanctions and Challenges

Despite being sanctioned by the US Treasury Department in August 2022 for allegedly laundering over $1 billion in illicit funds, Tornado Cash remains operational due to its decentralized nature, posing challenges for authorities seeking to curb its usage.

With previous attempts utilizing alternative methods such as cross-chain bridges and the Bitcoin mixer thwarted by authorities, Lazarus Group has returned to Tornado Cash, indicating the resilience and adaptability of cybercriminal networks.

Government Crackdown

In addition to sanctions, the US government has taken legal action against the developers of Tornado Cash, charging them with money laundering, sanctions violations, and operating an unlicensed money transmitter. Similar crackdowns have been witnessed in cases such as Bitcoin Fog.

The resurgence of North Korean hackers utilizing Tornado Cash despite sanctions underscores the challenges faced by authorities in combating cybercrime within the cryptocurrency space. With regulatory actions escalating and criminal tactics evolving, the battle against illicit cryptocurrency activities continues to unfold on a complex and global scale.

About the Author

Enthusiastic writer whose current area of interest is the blockchain sector. When not writing, you will find her reading essays on sociology and playing/listening to music. Firm believer that crypto will transform the world.

Latest writings