In a recent revelation by Elliptic, a cybersecurity firm, North Korean hackers have been implicated in laundering approximately $12 million stolen from a Heco Bridge hack.
The illicit funds were processed through Tornado Cash, a cryptocurrency mixing service known for its privacy-focused transactions.
Over the last 24 hours, the hacking group responsible for the attack conducted over 40 transactions to Tornado Cash, aiming to obscure the origins of the stolen funds.
North Korean cyber operatives, notably affiliated with the notorious Lazarus Group, have orchestrated a sophisticated laundering scheme, channeling $12 million in Ethereum (ETH) through the coin mixing service Tornado Cash within a mere 24-hour window.
In-depth analysis
An in-depth analysis by the blockchain intelligence firm Elliptic unveiled that Lazarus Group executed over 40 transactions to Tornado Cash between March 13 and March 14. This revelation ties into Elliptic’s further attribution of a massive $100 million heist targeting the Heco Bridge and HTX in November to the same group.
Recorded Future, a prominent cybersecurity analysis firm, has documented Lazarus Group’s involvement in digital thefts totaling over $3 billion across the last six years, underscoring the persistent threat the group poses.
In the wake of U.S. sanctions imposed on Tornado Cash in August 2022, Lazarus Group briefly pivoted to another mixing service named Sinbad to veil their financial maneuvers.
Nevertheless, the subsequent seizure of Sinbad by U.S. authorities in November forced the group to return to Tornado Cash, as detailed in an Elliptic blog post.
Amidst these events, Roman Storm, a co-founder of Tornado Cash, was detained last year and is currently awaiting trial on allegations of money laundering. His counterpart, Roman Semenov, faces similar charges but remains at large.