Elliptic identifies the movement of illicit funds from the $35 million Atomic Wallet breach to Sinbad.io, a crypto mixer with ties to North Korea’s Lazarus Group.
Blockchain compliance firm Elliptic has discovered that the funds stolen in the recent $35 million hack of Atomic Wallet have been funneled to Sinbad.io, a cryptocurrency mixer linked to North Korea’s infamous Lazarus Group.
The announcement came on June 5, and it was reported that Sinbad.io had previously laundered over $100 million in cryptocurrencies pilfered by the Lazarus Group.
While the amount sent to Sinbad.io has not been disclosed, Elliptic highlighted that the stolen assets were converted into bitcoin (BTC) and subsequently concealed using the mixer.
The Atomic Wallet team claims to be putting effort into recovering the stolen funds. Yet Elliptic’s recent findings suggest that recovery may be challenging for many affected users.
Renowned blockchain sleuth @Zachxbt has tracked the transactions associated with the stolen funds from Atomic Wallet. According to the analyst, out of the reported $35 million stolen by the hackers, $1 million belonging to one of the victims has now been recovered.
What is the Lazarus Group and its history of cyber attacks
The Lazarus Group is a cybercrime group, made up of an unknown number of individuals, that is run by the government of North Korea. The earliest attacks attributable to the Lazarus Group occurred in 2009, when they targeted US and South Korean government websites. The group has had multiple operations, including DDoS operations against various organizations across different industries.
The group is responsible for some of the most successful and destructive computer attacks in recent years. Two of the group’s most notable campaigns include the 2014 Sony hack, which involved sensitive company and personal information, and the 2016 Bangladeshi bank attack that stole millions of dollars from the financial institution.
They have also expanded into cryptocurrency attacks, using the RATANKBA malware to target cryptocurrency companies. The US intelligence community alleges that they serve the North Korean state, mostly undertaking acts of espionage and hacking financial institutions for much-needed money to fund the heavily sanctioned nation and its nuclear program.
As of late 2019, the Lazarus Group has crippled hundreds of thousands, if not millions, of computers and stolen up to US$2 billion.