The notorious Lazarus Group, which has been linked to North Korea, has resumed its activities involving the cryptocurrency mixer Tornado Cash. This was revealed by analytics firm Elliptic, which highlighted on-chain activity showing that the group transferred approximately $12 million worth of cryptocurrency to Tornado Cash’s wallets on March 13, 2023. It is essential to note that these funds were derived from hacks and were moved despite the sanctions imposed on the crypto mixer.
Background of the Lazarus Group’s Activities
The Lazarus Group came to prominence when it was identified as being behind the attacks on the cryptocurrency exchange HTX and its cross-chain bridge, HECO Chain, in November 2022. These incidents resulted in substantial financial losses, with the hot wallets on the HTX exchange losing $30 million and the HECO Chain experiencing a theft of $86.6 million. The stolen funds underwent a conversion to Ethereum through decentralized exchanges, where they remained untouched until recently.
The Continuation of Tornado Cash Amid Sanctions
Tornado Cash is a decentralized privacy tool on the Ethereum blockchain that operates using smart contracts for the anonymous transfer of ETH and ERC-20 tokens. Despite sanctions imposed by the U.S. Treasury Department in August 2022 due to its alleged involvement in laundering over $1 billion in illicit funds, including those linked to the Lazarus Group, the platform continues its operations. The U.S.’s crackdown on crypto mixers, such as the seizure of Sindbad by Finnish authorities in November 2023, has led the Lazarus Group to revert to using Tornado Cash as a means to launder their stolen funds. This move demonstrates the group’s determination to bypass international sanctions and regulatory measures.
The Evolving Tactics of the Lazarus Group
As authorities continue to target the infrastructure supporting illicit cryptocurrency transactions, the Lazarus Group has adapted its strategies. With the seizure of Sindbad and the closing of other mixing options, the group’s reliance on Tornado Cash has become more pronounced. This shift reflects the Lazarus Group’s persistence in bypassing international sanctions and regulatory measures.
The case against the founders of Tornado Cash and Bitcoin Fog marks a significant effort in combating cryptocurrency-related crimes. However, the Lazarus Group’s recent activities demonstrate ongoing challenges in curtailing their operations. Despite these efforts, it is crucial for regulatory bodies and law enforcement agencies to continue collaborating to address the evolving tactics of such groups and protect the integrity of the cryptocurrency ecosystem.