Crypto Researchers Pinpoint Lazarus Group’s Involvement
In a recent development, crypto researchers have implicated North Korea-backed hackers in the massive hack on Atomic Wallet customers. The Estonia-based non-custodial decentralized wallet has confirmed that it received reports of compromised wallets and is investigating the issue.
Atomic Wallet: A Decentralized Wallet with Over 500 Supported Coins
Atomic Wallet is a popular choice among cryptocurrency users, supporting over 500 coins and tokens, including Bitcoin and Ethereum. With more than five million users worldwide, the wallet’s decentralized nature means that users are responsible for their assets. However, this also leaves them vulnerable to potential security breaches.
The Hack: Estimated Losses Reach $35 Million
According to reports, less than 1% of Atomic Wallet’s monthly users, estimated to be around 50,000 individuals, have been affected by the hack. The self-styled on-chain sleuth @ZachXBT has estimated that hackers stole approximately $35 million in various cryptocurrencies.
Blockchain Analysis Firm Elliptic Points Fingers at Lazarus Group
In a recent statement, blockchain analysis firm Elliptic said it assesses with "a high level of confidence" that the North Korea-backed hackers known as the Lazarus Group are behind the Atomic Wallet hacks. The firm’s analysis revealed that the laundering of stolen crypto assets followed "a series of steps that exactly match those employed to launder the proceeds of past hacks perpetrated by Lazarus Group."
Lazarus Group: A Highly Sophisticated and Resilient Threat Actor
The Lazarus Group has been linked to several high-profile hacking incidents, including the Ronin Network hack in May 2022. The group is believed to have stolen over $625 million in cryptocurrency from the Ethereum-based sidechain made for the popular play-to-earn game Axie Infinity.
Sinbad: A Rebranded Crypto Mixer with a History of Laundering Illicit Funds
Elliptic also discovered that the hackers are laundering the stolen assets through Sinbad, a crypto mixer that allows owners to conceal the source of their crypto funds. According to reports, Sinbad is believed to be a rebrand of the sanctioned Blender.io mixer.
U.S. Treasury Sanctions North Korea-Linked Crypto Mixers
In May 2022, the U.S. Treasury sanctioned Blender.io, warning that the service was being used by North Korea to "support its malicious cyber activities and money-laundering of stolen virtual currency." The Treasury officials noted at the time that the Lazarus Group used the mixer to launder more than $20 million worth of cryptocurrency stolen from the Ronin Network.
Atomic Wallet’s Response: Commitment to Helping Affected Users
In its latest update, Atomic Wallet confirmed that it is committed to helping as many victims of the recent exploit as possible. The company has engaged third parties to help "trace stolen funds and liaise with exchanges and authorities." However, the exact number of affected users and the total amount of money stolen remain unknown.
The North Korean Threat: A Growing Concern in the Crypto Space
This incident highlights the growing concern over North Korean hackers targeting blockchain companies with malicious crypto-stealing apps. The Lazarus Group’s involvement in this hack raises questions about the security measures in place to protect users’ assets and whether affected individuals will be compensated.
Timeline of Events:
- June 3, 2022: Atomic Wallet confirms receiving reports of compromised wallets and begins investigating.
- June 5, 2022: Atomic Wallet posts an update stating that less than 1% of its monthly users have been affected by the hack.
- May 2022: The U.S. Treasury sanctions Blender.io, a crypto mixer linked to North Korea’s malicious cyber activities.
Conclusion
The involvement of Lazarus Group in the Atomic Wallet hack highlights the growing threat posed by North Korean hackers in the cryptocurrency space. As the industry continues to evolve and grow, it is essential for companies and regulatory bodies to stay vigilant and implement robust security measures to protect users’ assets.