Tornado Cash Allows The Lazarus Group To Launder 400 ETH!

The, a hacking collective affiliated with North Korea, continues its illegal activities by exploiting crypto. Recently, a transaction of, amounting to approximately 750,000 dollars, was identified on Tornado Cash, a platform known for anonymizing blockchain transactions. Meanwhile, the group has launched a new malware campaign targeting developers, confirming its evolution towards increasingly sophisticated attacks.

Lazarus Group and Tornado Cash: An infernal duo for your crypto?

On March 13, 2024, the security firm CertiK detected this transaction linked to Lazarus. The group, already responsible for several major crypto hacks, including Bybit (1.4 billion dollars in February) and Phemex (29 million in January), regularly uses services like THORChain toits funds. In five days, nearly 2.91 billion dollars are estimated to have flowed through this decentralized protocol, making any recovery attempt extremely complex.

For several years, Lazarus has relied on various methods to evade authorities, notably by exploiting mixers like. These services, although legitimate for preserving the confidentiality of crypto transactions, are often diverted for criminal purposes.

An offensive targeting developers

Beyond money laundering, Lazarus has intensified its. Six new malwares have been spotted on the Node Package Manager (NPM) platform, an essential service for managing JavaScript libraries. Among them is the malicious software BeaverTail, which mimics popular libraries by slightly altering their names, a technique known as typosquatting.

Theseallow hackers to access sensitive data, including credentials stored in Chrome, Brave, and Firefox browsers, as well as Solana and Exodus wallets. Several crypto-entrepreneurs have also been targeted by fake Zoom invitations, where hackers pose as crypto investors to trick their victims into downloading infected files.

A growing risk for the crypto ecosystem

According to Chainalysis, North Korean hackers havedollars in 2024, more than double that of the previous year. This increase highlights a persistent threat to the security of crypto assets.

The use of Tornado Cash and THORChain thus underscores the difficulties faced by authorities to trace and block these funds. In the face of these repeated attacks, crypto developers and companies mustto limit their exposure to cybercriminals.

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.