Elliptic: Lazarus hackers returned to using Tornado Cash after blocking the Sinbad mixer
Hackers have started moving funds from the HTX crypto exchange hack into Tornado
15.03.2024 - 08:10
106
3 min
0
What’s new? Elliptic analysts have recorded the movement of funds related to the hack of the HTX exchange and its HECO cross-chain protocol. The attack, which experts attribute to the North Korean group Lazarus, caused the platforms to lose $100 million in November 2023. The stolen funds remained stationary for a long time, but on March 13, they began moving into the Tornado Cash crypto mixer, which was placed on a sanctions list by the US Treasury Department back in August 2022.
What else is known? Following common cryptocurrency laundering schemes, immediately after the hack, the hackers exchanged the stolen tokens for ETH coins using decentralized exchanges (DEXs) but then suspended further transfers.
Lazarus then sent over $12 million to Tornado Cash in more than 40 transactions on March 13 and 14. The service was banned by US authorities for helping to launder $455 million stolen by Lazarus. In response, the group stopped using Tornado Cash and switched to using another crypto mixer called Sinbad.
Then in November 2023, the US Treasury Department banned Sinbad as well, also for its ties to DPRK hackers, eliminating its continued use by Lazarus.
Backdoor has been discovered in the Tornado Cash interface to intercept deposit data
According to community representatives, it has been functioning for two months
However, Elliptic notes that Tornado Cash continues to operate despite the sanctions. The service uses smart contracts on decentralized blockchains, so it can not be seized and shut down in the same way centralized mixers like Sinbad can.
“Lazarus Group now appear to have returned to using Tornado Cash as a way to launder funds at scale and obfuscate their transaction trail,” the company concluded.
In 2023, DPRK hackers carried out a record number of attacks on crypto projects. The damage in this case decreased in comparison with the record of 2022, amounting to just over $1 billion.
Later, the United States, South Korea, and Japan announced the beginning of joint development of measures to combat crypto hackers from the DPRK.
Useful material?
Telegram 
Twitter Market
Funds can be seized by law enforcers due to links to illegal activity
Apr 26, 2024
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Cryptocurrency rates
-
Bitcoin
$63 581
BTC
+0.25%
-
Ethereum
$3 253.57
ETH
+4.53%
-
BNB Smart Chain
$597.91
BSC
+0.35%
-
Ripple
$0.518725
XRP
-0.71%
-
Dogecoin
$0.148247
DOGE
+0.34%
-
Cardano
$0.469089
ADA
+1.45%
-
Bitcoin Cash
$479.17
BCH
-0.64%
-
Polkadot
$6.84
DOT
+1.48%
-
Litecoin
$84.13
LTC
-3.99%
-
Stellar XLM
$0.11443
XLM
+0.58%