In a confidential report by the United Nations (UN), it was revealed that North Korean entities, particularly the Lazarus Group, utilized the cryptocurrency privacy tool Tornado Cash to launder approximately $150 million in stolen cryptocurrency assets.
The report, which was accessed by Reuters, highlights a significant breach involving dormant crypto assets linked to the group, traced back to North Korea in March 2023.
The illicit activity commenced when North Korean hackers infiltrated HTX, a cryptocurrency exchange owned by Tron founder Justin Sun, extracting $147.5 million in cryptocurrencies.
This amount was covertly transferred into North Korea over the course of a year using Tornado Cash, a service that anonymizes crypto transactions making them untraceable and is popular among cybercriminals.
The Reuters coverage also pointed out ongoing investigations by the UN into 97 cyberattacks orchestrated by North Korea between 2017 and 2024, which altogether siphoned around $3.6 billion in cryptocurrencies.
In 2024 alone, these investigations have so far included 11 cryptocurrency thefts totaling $54.7 million, allegedly involving North Korean IT workers employed by various small crypto-related companies.
The United States had previously imposed sanctions on Tornado Cash in 2022, accusing it of facilitating North Korea in bypassing international sanctions on cross-border remittances.
Despite these allegations, the founders of Tornado Cash have consistently denied any wrongdoing over the past two years.
The situation escalated when Alexey Pertsev, the developer behind Tornado Cash, was convicted of money laundering charges on May 14, having allegedly laundered $1.2 billion in illicit funds through the platform.
Pertsev was sentenced to five years and four months in prison, with a 14-day period granted to his attorneys for filing an appeal.
This conviction has raised significant concerns about the broader implications for developers of open-source software.
Moreover, on the same day, blockchain analytics firm PeckShield reported that approximately $53 million worth of Ether, stolen from Poloniex during a $100 million hack, was transferred to Tornado Cash.
This incident underscores the prevalent use of Tornado Cash among global cybercriminals.
According to PeckShield, over 17,800 ETH was consolidated from six different wallets into one Tornado Cash address, demonstrating the sophisticated methods employed by hackers to obscure the origins of stolen funds.
To submit a crypto press release (PR), send an email to sales@cryptointelligence.co.uk.
