Atomic Wallet hacker transfers part of the funds to the Russian exchange Garantex

Elliptic representatives claim that North Korean hackers from the Lazarus group are behind the wallet’s hack

13.06.2023 - 08:15

388

2 min

What’s new? An unknown hacker who hacked the Atomic Wallet crypto wallet on June 3 has transferred part of the funds to the Russian exchange Garantex, which came under US Treasury Department sanctions last April. Suspected North Korean hackers from the Lazarus group used Garantex to launder stolen funds, according to Elliptic, an analytics company involved in the investigation of the incident.

After a significant and successful cross-community effort between @elliptic, many of our exchange partners and friends to freeze stolen @AtomicWallet funds, Lazarus have now turned to OFAC-sanctioned Exchange, Garantex, to trade their assets for BTC... pic.twitter.com/5Lk9DeGjr8 — Elliptic Investigations (@Elliptic_Inv) June 12, 2023

What else is known about the situation? Elliptic’s team described a successful joint effort by the company and its exchange partners to freeze the stolen assets, which analysts say amount to more than $35 million. Despite this, Lazarus hackers found other ways to exchange illegally obtained funds for bitcoin, Elliptic noted.

On June 5, analysts reported that the Atomic hacker began withdrawing funds through the Sinbad crypto mixer, which had previously been used by Lazarus hackers to launder more than $100 million in crypto assets from the Axie Infinity hack and Horizon Bridge attack.

Experts believe Sinbad is likely a renamed version of the Blender mixer, which was heavily used by hackers from the Lazarus group and was the first such service to come under US Treasury Department sanctions for its ties to North Korea. Elliptic added that funds withdrawn by hackers from Garantex continue to be laundered through Sinbad.

Author: