Reports have emerged suggesting that the illicit funds obtained from the $35 million hack of Atomic Wallet are once again on the move. It is believed that the sanctioned Russian-based crypto exchange Garantex has become the latest entity to come into contact with the hacked cryptocurrency.
Lazarus group wants to launder the stolen Atomic wallet funds
Blockchain security and compliance firm Elliptic provided an update on the situation, alleging that the North Korean hacking collective known as the Lazarus Group, which is believed to be behind the original attack, has been using Garantex to launder the stolen funds. Elliptic further stated that there had been a joint effort between their team and various exchange partners to freeze the stolen crypto. However, the Lazarus Group has managed to find alternative methods to trade their assets for Bitcoin.
In April 2022, the U.S. Office of Foreign Assets Control had already sanctioned Garantex, along with the Russian Hydra dark web marketplace. According to the Treasury Department, an analysis of known Garantex transactions revealed that over $100 million in transactions were associated with illicit actors and darknet markets.
Earlier this month, it was reported that the stolen funds were being funneled through the Sinbad.io mixer, a service frequently used by the Lazarus Group. Elliptic confirmed that the funds withdrawn from Garantex by the hackers continue to be obfuscated through the Sinbad.io mixer. Furthermore, the Treasury Department had also sanctioned Blender.io (previously known as Sinbad.io) in May 2022, warning that the service was being exploited by North Korea to support their malicious cyber activities and launder stolen virtual currencies.
Concerns mount over security and regulation in the crypto space
The hack of several Atomic Wallet user accounts occurred on June 3, resulting in losses of up to $35 million in digital assets. Atomic Wallet subsequently engaged the services of Chainalysis, a blockchain security and analysis company, to investigate the incident. However, Chainalysis declined to provide any updates on the investigation.
The Lazarus Group, a notorious North Korean hacking collective, has been linked to various major cryptocurrency exploits in the past year, including the Harmony Bridge hack and the Ronin Bridge hack. As the investigation continues, the involvement of Garantex and the laundering of stolen funds through exchanges raises concerns about the security and regulatory measures in the cryptocurrency industry, highlighting the ongoing challenges posed by illicit activities and the need for robust security measures.
