Lazarus Group Exploits Tornado Cash to Launder Heco Bridge and HTX Hack Proceeds

Lazarus Group Exploits Tornado Cash to Launder Heco Bridge and HTX Hack Proceeds

Despite facing U.S. sanctions, North Korea’s Lazarus Group has resorted to utilizing Tornado Cash, a popular cryptocurrency mixer, for laundering illicit funds once again.

Blockchain analytics firm Elliptic revealed on March 14 that Lazarus channeled $12 million into the Ethereum-based crypto mixer. These funds, predominantly in Ether (ETH), originated from a cyberattack on Justin Sun’s HTX and the exchange’s cross-chain solution, Heco Bridge, back in November.

According to Elliptic and several other on-chain security firms, Lazarus executed a sophisticated $100 million attack on the two platforms in the previous year. The stolen funds laid dormant until March 13, when the notorious North Korean hacker group commenced laundering the pilfered HTX assets.

Elliptic further reported that Lazarus has conducted more than 40 transactions into the smart-contract-based mixer within the last 24 hours alone.

For a significant period, the criminal syndicate had been leveraging Tornado Cash to obscure transactions and cleanse ill-gotten gains until U.S. authorities imposed sanctions on the service in August 2022. However, due to its decentralized architecture, Tornado Cash managed to persist as the government could not effect a complete shutdown.

In response to the sanctions, U.S. agencies targeted other options preferred by the Lazarus Group, such as Bitcoin-based mixers Blender and Sinbad. Unlike Tornado Cash, these platforms operated under a centralized model, allowing law enforcement to shut them down entirely.

As reported by crypto.news, citing Chainalysis data, the crackdown led to a notable 29% reduction in crypto money laundering throughout 2023, as Lazarus and other malicious actors encountered challenges in offloading looted funds.

Nevertheless, Lazarus Group’s resurgence in utilizing Tornado Cash indicates a dearth of large-scale mixers, primarily due to U.S. enforcement actions and regulatory interventions.

Powered by Crypto Expert BD

Follow us on Twitter: https://x.com/CryptoExpert_BD

Join our Telegram channel: https://t.me/CryptoExpert_BD

Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *