Lazarus Strikes Again: UK Crypto Platform Collapses After $23M Heist

Another day, another crypto heist—this time with a $23 million price tag. The UK-registered platform buckled under the weight of the breach, proving once again that digital vaults aren’t as impenetrable as their marketing claims.

Who’s behind it? All fingers point to Lazarus, the notorious cybercrime syndicate that treats crypto exchanges like ATMs. Their latest hit? A surgical strike that left investors scrambling and regulators sighing into their lukewarm tea.

Security theater? More like security tragedy. While the platform’s compliance team was likely busy printing ‘risk-aware’ disclaimers, hackers waltzed in through the backdoor. Classic case of ‘secure until it’s not.’

And the cherry on top? Another blow to crypto’s ‘mature asset class’ narrative. Traditional finance might move at glacial speed, but at least their vaults don’t evaporate overnight.

Swiss-based platform forced into liquidation

Richard Olsen, great-grandson of Swiss banking patriarch Julius Baer, founded Lykke in 2015. It operated from Switzerland’s “crypto valley” in Zug while maintaining UK registration.

The platform offered cryptocurrency trading without transaction fees before the attack forced operational suspension.

“The attack has been attributed to malicious Democratic People’s Republic of Korea cyberactors, who stole funds on both the Bitcoin and ethereum networks,” the Treasury’s OFSI stated in its report.

The company lost Bitcoin (BTC), Ethereum (ETH), and other cryptocurrencies in the breach and was ultimately forced to halt trading operations.

Experts disagree over conclusions

Whitestream, an Israeli cryptocurrency research organization, also accused Lazarus of being responsible for the Lykke hack. They also claimed that the attackers laundered stolen funds through two cryptocurrency companies known for facilitating transaction obfuscation and circumventing money-laundering controls.

Other researchers disputed these conclusions, arguing that the current evidence is insufficient to identify the exchange hackers definitively.

The Financial Conduct Authority issued warnings about Lykke in 2023, noting that the company was neither registered nor authorized to offer financial services to consumers in the United Kingdom.

Despite promises to return customer funds, the platform froze trading after the hack and officially ceased operations in December.

Customers pursue recovery through liquidation

More than 70 customers brought a winding-up petition in UK courts and claimed losses totaling £5.7 million from the company’s closure.

Lykke’s Swiss parent company entered liquidation last year, while founder Richard Olsen was declared bankrupt in January.

British legal filings indicate Olsen faces criminal investigations in Switzerland, though he has not responded to media requests for comment.

Lazarus Group has been linked to numerous high-profile cryptocurrency heists globally. They use several techniques to breach exchange security and launder stolen funds through networks of digital transactions.