Lazarus APT Group and Money Laundering through Tornado Cash: Details and Recommendations

Korean Lazarus APT Group Using Tornado Cash for Money Laundering

The Lazarus APT group, affiliated with North Korea, has once again made headlines for using the money laundering platform Tornado Cash to wash a total of 23 million dollars. The company Elliptic linked the theft of 112.5 million dollars from the HTX exchange in November 2023 to the activities of this particular group.

Sanctions Imposed on Tornado Cash in August 2022

In August 2022, the U.S. Department of the Treasury imposed sanctions on the cryptocurrency mixing service Tornado Cash, which was being utilized by the Lazarus APT group. Mixers serve as crucial tools for cybercriminals to launder money, posing a challenge for law enforcement agencies.

Money Laundering and Confiscation of Sinbad.io Service

Both OFAC and experts have noted that Tornado Cash has been used to launder over 7 billion dollars’ worth of virtual currency since the platform’s inception in 2019. The Lazarus group has already laundered a total of over 455 million dollars from cryptocurrency thefts. Following the sanctions on Tornado Cash, the group turned to the Sinbad.io mixer, but this service was confiscated by U.S. authorities in November 2023.

Recommendations for Cryptocurrency Exchanges and Financial Institutions

Experts have observed that Tornado Cash operates through smart contracts on decentralized blockchains, making it difficult to confiscate. Therefore, it is recommended that cryptocurrency exchanges and financial institutions utilize wallet analysis tools to prevent transactions with sanctioned entities such as Tornado Cash and the Lazarus group.

By utilizing information provided by the company Elliptic and other agencies monitoring the activities of Lazarus APT, it is crucial for entities in the financial industry to take appropriate measures to combat money laundering and illicit activities in the cryptocurrency space.