By Mat Di Salvo
2 min read
The North Korean group allegedly behind a hack which earlier this month targeted Atomic Wallet have now pocketed over $100 million in stolen crypto, blockchain analytics firm Elliptic said today.
Cybercriminals hacked self-custodial, decentralized Atomic Wallet on June 3, taking at the time $35 million-worth of digital tokens.
Elliptic attributed the attack to cybercrime syndicate Lazarus Group, which is believed to have stolen over $2 billion in its prolific hacking.
The amount stolen has now increased nearly threefold—and Atomic Wallet is yet to give customers an explanation, Elliptic said in a Tuesday blog post.
Estonia-based Atomic Wallet, which lets customers store cryptocurrencies like Bitcoin and Ethereum, last tweeted about the hack on June 7, saying it had contracted blockchain analytics firm Chainalysis to trace the stolen funds. The Atomic Wallet team doesn't appear to have communicated at all over its Twitter account since sending that tweet.
Elliptic said Tuesday that it was freezing stolen funds. “Our team has partnered with several investigators and exchanges around the world to trace and freeze the stolen funds,” the firm said. “This has led to over $1 million in stolen assets being frozen.”
It added that hackers have since started using sanctioned Russian crypto exchange Garantex to launder the stolen assets.
Lazarus Group made headlines last year when the U.S. Treasury Department sanctioned coin mixing app Tornado Cash.
The Feds sanctioned the app because they said criminals, like state sponsored hacking Lazarus Group, were using it to launder dirty cash. The group has also been linked to the $100 million Harmony Bridge hack in June 2022 and the $190 million Nomad bridge hack just a month later.
In December of last year, reports began to circulate that Lazarus Group was posing as a venture capital firm in an attempt to spread malware. Cybersecurity firm Kaspersky said in a report that BlueNoroff, the name it's given Lazarus Group, "created numerous fake domains impersonating venture capital companies and banks."
Decrypt-a-cookie
This website or its third-party tools use cookies. Cookie policy By clicking the accept button, you agree to the use of cookies.