Lazarus laundered $174m in ETH stolen from HTX, moved assets to Bitcoin

Although OFAC has banned it, the Tornado Cash cryptocurrency mixer continues to operate, helping hackers linked to North Korea launder millions in illegally obtained digital funds.

In November 2023, Lazarus Group, a hacking organization linked to North Korea, effectively laundered hundreds of millions of dollars in stolen Ethereum (ETH) from HTX (previously known as Huobi) and Heco Bridge.

Taylor Monahan, head of MyEtherWallet, announced on March 28 via a Reddit thread that thieves had managed to conceal the origin of over $170 million worth of stolen ETH (48,194 units) by washing it through Tornado Cash, a mixing service sanctioned by the Office of Foreign Assets Control (OFAC).

On November 22, 2023, Lazarus initiated the transfer of the funds they had stolen from HTX/Heco bridge back to their account. This occurred prior to March 13, 2024.

— Tay 💖 (@tayvano_) March 28, 2024

Monahan additionally included diagrams showing the methods used by the hackers in distributing the stolen cryptocurrency through over 300 transactions into various wallets, with each transfer being moved a couple of times for added concealment.

After blending their funds on Ethereum’s network, the hackers moved the combined amount to Bitcoin’s blockchain through THORSwap, a platform facilitating asset transfers between various networks. It’s uncertain if the hackers have withdrawn their ill-gotten gains as they often exchange stolen crypto for fiat money using over-the-counter markets.

In November 2023, HTX and Heco Chain’s Ethereum bridge suffered a significant cyberattack, causing the theft of millions in cryptocurrency. The attack left investors worried, with Justin Sun, an investor at the exchange, promising full compensation to customers. Yet, the details surrounding how the hackers managed to breach HTX’s hot wallet remain undisclosed.

In 2022, Tornado Cash faced sanctions from OFAC due to allegations that the cryptocurrency mixing service had facilitated the laundering of over $7 billion in crypto assets since 2019. This total included approximately $455 million traced back to Lazarus Group, around $96 million linked to funds obtained through the Harmony Bridge heist by malicious actors, and a minimum of $7.8 million associated with the Nomad heist.

2024-03-29 13:50