Lazarus Group Strikes Again: $3.2M Solana-to-Ethereum Crypto Heist Exposed
North Korea's infamous Lazarus Group is back in the headlines—this time for a slick $3.2 million cross-chain crypto heist. Here's how they pulled it off.
The Solana-to-Ethereum Shuffle
Security sleuths traced the stolen funds hopping from Solana to Ethereum, a move as calculated as a Wall Street hedge fund's tax strategy. The group's signature mix of phishing and exploit-based attacks left little doubt about their involvement.
Why This One Hurts
While $3.2M is pocket change compared to some DeFi hacks, the cross-chain nature of the theft exposes a growing vulnerability. Bridges remain the crypto world's rickety rope ladders—convenient, but begging to be cut.
The Bottom Line
Another day, another Lazarus hit. The only surprise? They didn't launder it through a 'legitimate' crypto exchange first.
Lazarus Group, the notorious North Korea-affiliated company, is observed to be linked with a crypto theft of $3.2 million. The prominent on-chain analyst, ZachXBT, has given important insights about the matter.
Reportedly, 16th May was the attack day, highlighting remarkable concerns of the crypto community. The sophistication of attacks is increasing day by day, with state-linked cybercriminals. CoinRank has highlighted this issue through its official X account.
BREAKING: Lazarus Group Suspected in $3.2M Crypto Theft
On-chain investigator @zachxbt reports that a user was allegedly hacked by North Korea-linked @Lazarus Group on May 16, losing approximately $3.2 million in digital assets.
The stolen funds were sold and bridged from… pic.twitter.com/k3YCmzzltl
Stolen Funds Moved from Solana to Ethereum Anonymously
ZachXBT investigates the entire scene, highlighting that the solana blockchain initially held these stolen tokens. Then, these stolen tokens were converted and bridged to Ethereum. A key red flag is included in the timeline of the operation.
On the 25th and 27th of June, two separate deposits are made, each consisting of 400 ETH, into Tornado Cash. Through these movements, a clear attempt to obfuscate is suggested, amassing ownership and origin of the stolen funds. The conversion in Tornado Cash was to hide identity and evade detection and tracking.
The Tactics of the Lazarus Group Spotlighted by CoinRank
The analysts of CoinRank observe that the pattern of the latest exploit shows a clear resemblance to the previous Lazarus operations. This exploit includes the strategy of cross-chain laundering. The use of privacy tools such as Tornado Cash further cements the stance. Blockchain transparency is facing a continuous challenge from the usage of such protocols.
DeFi, the Vernacular of Growing Threats of Nation-State Actors
By showcasing this incident, CoinRank aims to highlight the growing exploits of nation-state actors across decentralized finance (DeFi). With the evolution in the Lazarus Group’s tactics, the blockchain community is now too responsive to prevent further threats. Investigators urge users to be cautious while handling cross-chain large assets.
