North Korea's Lazarus Group Back to Laundering with Sanctioned Tornado Cash

Sentiment: Neutral

Despite US sanctions, North Korean hackers laundered $12 million through Tornado Cash, highlighting challenges in combating cybercrime.

In a bold move, hackers affiliated with North Korea's notorious Lazarus Group have resumed their utilization of Tornado Cash, a crypto mixing service, for laundering stolen cryptocurrency. Despite sanctions imposed by the United States, blockchain analytics firm Elliptic has detected suspicious on-chain activities, amounting to over $12 million in stolen funds transferred to Tornado Cash wallets since March 13th.

The stolen funds trace back to a November 2023 cyberattack targeting the HTX crypto exchange and the HECO blockchain bridge, resulting in the theft of $30 million from HTX's hot wallets and $86.6 million from the HECO Chain on the same day.

The stolen funds were initially converted to Ethereum (ETH) through decentralized exchanges and lay dormant until their recent laundering attempts.

Tornado Cash operates as a privacy tool on the Ethereum blockchain, allowing users to obscure the source and destination of their crypto transactions through smart contracts, making it an attractive option for money laundering purposes.

Despite being sanctioned by the US Treasury Department in August 2022 for allegedly laundering over $1 billion in illicit funds, Tornado Cash remains operational due to its decentralized nature, posing challenges for authorities seeking to curb its usage.

With previous attempts utilizing alternative methods such as cross-chain bridges and the Bitcoin mixer Sinbad.io thwarted by authorities, Lazarus Group has returned to Tornado Cash, indicating the resilience and adaptability of cybercriminal networks.

In addition to sanctions, the US government has taken legal action against the developers of Tornado Cash, charging them with money laundering, sanctions violations, and operating an unlicensed money transmitter. Similar crackdowns have been witnessed in cases such as Bitcoin Fog.

The resurgence of North Korean hackers utilizing Tornado Cash despite sanctions underscores the challenges faced by authorities in combating cybercrime within the cryptocurrency space. With regulatory actions escalating and criminal tactics evolving, the battle against illicit cryptocurrency activities continues to unfold on a complex and global scale.