Lazarus Group Circumvents Sanctions, Launders $12M Via Tornado Cash

Rebeca Moen  Mar 15, 2024 21:18  UTC 13:18

Despite facing international sanctions, North Korea's notorious Lazarus Group has allegedly resumed its operations using the crypto mixer Tornado Cash to launder approximately $12 million worth of cryptocurrencies. These funds are purportedly linked to cyber heists targeting cryptocurrency platforms HTX and HECO in November, highlighting the persistent threat posed by state-sponsored actors in the digital asset space.

The Lazarus Group, which is believed to be backed by the North Korean government, has been implicated in a series of high-profile cyberattacks aimed at obtaining foreign currency to fund state operations, circumventing the economic sanctions imposed on the country. The latest incident underscores the sophisticated tactics employed by the group to navigate the complex web of decentralized finance (DeFi) and cryptocurrency exchanges.

According to reports, the stolen assets were initially transferred out of the hacked platforms and then converted into Ether tokens through various decentralized exchanges, a process that typically helps obfuscate the trail of the funds. Following the conversion, the funds remained dormant, possibly to avoid detection during the period of heightened scrutiny following the heists.

This week, however, activity was detected as the funds began moving through Tornado Cash, a crypto mixing service designed to enhance transaction privacy by pooling and scrambling cryptocurrencies. It's important to note that Tornado Cash has been sanctioned by the U.S. Treasury Department, which has accused the service of being a conduit for money laundering activities, including those by the Lazarus Group.

The use of sanctioned services like Tornado Cash by cybercriminals presents a significant challenge to international efforts to curb North Korea's illicit activities. The sanctions are meant to deter and penalize both the service providers and their users; however, the decentralized and borderless nature of blockchain technology makes enforcement a complex task.

As the Lazarus Group continues its operations, the international community is called to strengthen its response and improve coordination among governments, financial institutions, and the broader cryptocurrency industry. Enhanced due diligence, robust cybersecurity measures, and the development of tools to trace and block the movement of illicit funds are critical in combating the misuse of digital assets.

The persistence of such activities demonstrates the need for a multi-faceted approach that includes technological innovation, regulatory clarity, and international cooperation. The Lazarus Group's latest maneuvers through Tornado Cash highlight the ongoing cat-and-mouse game between cybercriminals and law enforcement, with implications for the security and integrity of the global financial system.

