The Atomic Wallet has been breached and all evidence points to the Lazarus Group
The notorious Lazarus Group, North Korean hacking organization, has once again made headlines with their involvement in the recent security breach of Atomic Wallet. This breach resulted in the staggering theft of over $35 million worth of cryptocurrency.
The trail of evidence leading to the Lazarus Group has been meticulously uncovered by Elliptic, a team of blockchain experts. Their analysis has shed light on the movement of stolen funds and the group's sophisticated laundering techniques.
Lazarus Group strikes Atomic Wallet
The attack on Atomic Wallet unfolded over the weekend, leaving multiple users in despair as their wallets were compromised and funds vanished into thin air.
The scale of the losses quickly became apparent, with estimates by crypto-analyst ZachXBT indicating that the total amount stolen exceeded $35 million. Shockingly, one individual accounted for nearly 10% of the entire stolen sum.
All eyes are on Lazarus Group
Yesterday, Elliptic released a comprehensive report firmly attributing the Atomic Wallet breach to the Lazarus Group. This marks their first significant cryptocurrency heist of 2023, adding to their notorious track record.
The report aligns with the FBI's prior identification of the Lazarus Group in the Harmony Atomic Wallet breach, further solidifying their involvement.
Lazarus Group's signature techniques
Elliptic's examination of the laundering strategy employed in the Atomic Wallet breach has provided the first concrete evidence linking it to the Lazarus Group.
The patterns observed in their previous exploits align with the methods employed in this attack. Notably, the utilization of the Sinbad mixer for laundering the stolen funds serves as the second attribution element, mirroring the group's modus operandi in the Harmony Horizon Bridge hack.
Moreover, Elliptic has previously highlighted the significant sums, amounting to tens of millions of USD, that North Korean hackers have funneled through Sinbad.
This underscores the group's confidence and reliance on this particular mixing service.
The proof
The most compelling proof of Lazarus Group's involvement in the Atomic Wallet hack lies in the significant portion of stolen cryptocurrency that ultimately ended up in wallets linked to their previous exploits.
These wallets are believed to be owned by group members, establishing a consistent pattern that reinforces the connection between the threat actors and their prior malicious activities.
Advertisement
