North Korean Hackers Used Tornado Cash to Launder $12M From Heco Bridge Hack: Elliptic

The hacking group sent more than 40 transactions to Tornado Cash over the past 24 hours.

Mar 14, 2024 at 3:58 p.m. UTC
Updated Mar 14, 2024 at 4:00 p.m. UTC

Hackers tied to North Korea's infamous Lazarus Group have used coin mixing service Tornado Cash to launder $12 million worth of ether (ETH) over the past 24 hours.

Research from blockchain analytics firm Elliptic shows that Lazarus Group sent more than 40 transactions to Tornado Cash on March 13 and March 14. Elliptic has also attributed a $100 million Heco Bridge and HTX hack last November to Lazarus Group.

Lazarus is responsible for hacks worth more than $3 billion over the past six years, according to a report by cybersecurity firm Recorded Future.

Tornado Cash was hit by U.S. sanctions in August 2022. This spurred Lazarus Group to use another mixer, Sinbad, to obfuscate their ill-gotten gains. However, Sinbad itself was seized by U.S. authorities in November, prompting Lazarus to make the shift back to Tornado Cash, Elliptic said in its blog post. One of Tornado Cash's founders, Roman Storm, was arrested last year and is awaiting trial on money laundering charges. Another, Roman Semenov, has been charged but has yet to be arrested.

Despite being sanctioned twice, Tornado Cash still runs via decentralized smart contracts that cannot be seized or taken offline.

"The change in behavior and return to the use of Tornado Cash likely reflects the limited number of large-scale mixers now operating, thanks to law enforcement takedowns of services such as Sinbad.io and Blender.io," Elliptic said.

Edited by Nikhilesh De.


Oliver Knight

Oliver Knight is a CoinDesk reporter based between London and Lisbon. He does not own any crypto.

