A recent cyber attack on Atomic Wallet customers has been linked to a North Korean state-backed hacking group, resulting in estimated losses of $35 million. Atomic Wallet, a provider of decentralized wallets supporting over 500 coins and tokens, announced over the weekend that some of its customers had reported funds being drained from their accounts.
After reports of the attack surfaced, blockchain analysis company Elliptic conducted an investigation and traced the money trail back to Lazarus, a notorious hacking group with ties to North Korea. According to Elliptic, the stolen funds could be traced using their software, allowing exchanges and other crypto businesses to identify any deposits originating from the hack. The analysis also led them to attribute the hack to Lazarus with a high level of confidence.
Several factors contributed to this attribution, including the process of laundering the stolen cryptocurrency, the use of services like the Sinbad mixer (previously used by Lazarus), and the possibility that the stolen funds were combined with digital money from previous Lazarus heists. This incident marks the first time Lazarus has been publicly blamed for a cryptocurrency heist since the $100 million theft from Horizon Bridge in 2022.
North Korean state-backed hackers, like Lazarus, are known for not only engaging in cyber-espionage but also accumulating funds for the Kim Jong-un regime’s missile and nuclear program. Reports suggest that North Korea generates around 50% of its foreign currency income through such cyber attacks, potentially amounting to billions of dollars stolen over the years.
This latest attack highlights the ongoing threat posed by state-sponsored hacking groups and the importance of robust cybersecurity measures in the cryptocurrency space. It serves as a reminder for individuals and businesses alike to remain vigilant and take steps to protect their digital assets from malicious actors.