Blockchain security firm Elliptic has revealed that the attackers responsible for the recent $35 million exploit of crypto wallet Atomic Wallet are moving the stolen funds through the Office of Foreign Assets Control (OFAC)-sanctioned exchange Garantex. Elliptic investigators strongly believe that the notorious North Korean hacking group, Lazarus, was behind the hack, as previously reported.
Garantex, which was sanctioned by the OFAC last year due to lax anti-money laundering measures and its facilitation of illicit activities, has become the channel for transferring the pilfered funds, according to Elliptic. While several cryptocurrency exchanges have frozen addresses associated with the Atomic Wallet hack, some of the funds managed to find their way to Garantex.
These funds were first exchanged using the on-chain trading tool 1inch, then transferred to Garantex, where they were converted into Bitcoin (BTC). The bitcoin was subsequently laundered through Sinbad, a Bitcoin mixer service that has been allegedly used by North Korean hacking groups.
On June 3, an approximate sum of $35 million worth of various tokens, including bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), and Polygon’s MATIC, was stolen from Atomic Wallet. Atomic Wallet operates as a centralized storage and wallet service.
The revelation of the involvement of Garantex, despite its previous sanctions, raises concerns about the effectiveness of existing measures in preventing the flow of illicit funds through exchanges. The incident highlights the ongoing challenges faced by regulatory bodies in combating money laundering and illicit activities within the cryptocurrency space.
Both Atomic Wallet and Garantex have faced scrutiny in the past due to their vulnerability to cyberattacks and inadequate security measures. This recent breach further emphasizes the urgent need for robust security protocols and enhanced regulatory oversight to safeguard the funds and assets of cryptocurrency users.
Authorities and blockchain security firms will undoubtedly continue their efforts to track and recover the stolen funds, while also working towards strengthening security measures within the cryptocurrency ecosystem.
The incident serves as a stark reminder for individuals and organizations to remain vigilant and employ best practices to protect their digital assets in an increasingly sophisticated threat landscape.
