Atomic Wallet hacker transfers part of the funds to the Russian exchange Garantex
Elliptic representatives claim that North Korean hackers from the Lazarus group are behind the wallet’s hack
13.06.2023 - 08:15
851
2 min
0
What’s new? An unknown hacker who hacked the Atomic Wallet crypto wallet on June 3 has transferred part of the funds to the Russian exchange Garantex, which came under US Treasury Department sanctions last April. Suspected North Korean hackers from the Lazarus group used Garantex to launder stolen funds, according to Elliptic, an analytics company involved in the investigation of the incident.
After a significant and successful cross-community effort between @elliptic, many of our exchange partners and friends to freeze stolen @AtomicWallet funds, Lazarus have now turned to OFAC-sanctioned Exchange, Garantex, to trade their assets for BTC... pic.twitter.com/5Lk9DeGjr8 — Elliptic Investigations (@Elliptic_Inv) June 12, 2023
What else is known about the situation? Elliptic’s team described a successful joint effort by the company and its exchange partners to freeze the stolen assets, which analysts say amount to more than $35 million. Despite this, Lazarus hackers found other ways to exchange illegally obtained funds for bitcoin, Elliptic noted.
On June 5, analysts reported that the Atomic hacker began withdrawing funds through the Sinbad crypto mixer, which had previously been used by Lazarus hackers to launder more than $100 million in crypto assets from the Axie Infinity hack and Horizon Bridge attack.
Experts believe Sinbad is likely a renamed version of the Blender mixer, which was heavily used by hackers from the Lazarus group and was the first such service to come under US Treasury Department sanctions for its ties to North Korea. Elliptic added that funds withdrawn by hackers from Garantex continue to be laundered through Sinbad.
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$63 755
BTC
-4.99%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.19
XRP
-3.33%
-
Dogecoin
$0.089755
DOGE
-4.44%
-
TRON
$0.160134
TRX
-1.59%
-
Zcash
$597.73
ZEC
-3.88%
-
Cardano
$0.196243
ADA
-8.43%
-
Stellar XLM
$0.209515
XLM
-6.63%
-
Polkadot
$3.32
DOT
+5.27%