Despite international sanctions, North Korea’s Lazarus Group has resumed laundering stolen cryptocurrency funds through Tornado Cash, a decentralized privacy tool.
Resumption of Laundering Activities
Recent on-chain activity highlighted by analytics firm Elliptic reveals that hackers associated with the Lazarus Group have transferred approximately $12 million in stolen cryptocurrency to Tornado Cash wallets since March 13. These funds were pilfered during a series of hacks in November from the crypto exchange HTX and its associated cross-chain bridge, HTX Eco Chain (HECO).
During the November attack, $30 million was drained from HTX exchange hot wallets, while the HECO Chain suffered an $86.6 million breach on the same day. Following the hacks, the stolen funds were converted into Ether (ETH) through decentralized exchanges and remained dormant until recently.
Tornado Cash: A Decentralized Privacy Tool
Tornado Cash, operating on the Ethereum blockchain, is a decentralized and noncustodial privacy tool that employs smart contracts to facilitate the anonymous transfer of ETH and ERC-20 tokens between addresses.
Despite being sanctioned by the U.S. Treasury Department in August 2022 for its alleged involvement in laundering over $1 billion in illicit funds, Tornado Cash has continued to operate. Unlike centralized mixers such as Sinbad.io, which have been shut down, Tornado Cash’s decentralized structure makes it immune to seizure.
Lazarus Group’s Shift to Tornado Cash
The Lazarus Group’s return to Tornado Cash comes after other mixer options, including cross-chain bridges and the Bitcoin mixer Sinbad, were rendered inaccessible due to sanctions. Sinbad was seized by Finnish authorities in November 2023 following the imposition of U.S. sanctions, eliminating another laundering avenue for the hackers. Additionally, the closure of the Blender platform in May 2022 further limited options for crypto mixers.
Legal Actions and Crackdown
Notably, developers of mixer platforms have also faced legal repercussions. Roman Storm and Alexey Pertsev, developers of Tornado Cash, have been charged by U.S. authorities with various crimes, including conspiracy to commit money laundering and operating an unlicensed money-transmitting business. Similarly, the founder of Bitcoin Fog was recently convicted of money laundering.
Ongoing Challenge for Authorities
The ongoing use of Tornado Cash by the Lazarus Group underscores the challenges faced by authorities in combating illicit activities in the cryptocurrency space. Despite regulatory efforts and legal actions against mixer platforms, hackers continue to exploit privacy tools to launder stolen funds, a persistent problem for law enforcement agencies worldwide.