North Korean hackers affiliated with the infamous Lazarus Group have utilized the coin mixing service Tornado Cash to launder $12 million in ether (ETH) during the last 24 hours.According to blockchain analytics firm Elliptic, Lazarus Group transmitted over 40 transactions to Tornado Cash on March 13 and 14.Elliptic also blamed the Lazarus Group for a $100 million Heco Bridge and HTX attack in November last year.
According to a report by cybersecurity firm Recorded Future, Lazarus is responsible for attacks totaling more than $3 billion over the last six years.Tornado Cash faced US sanctions in August 2022.This prompted the Lazarus Group to utilize another mixer, Sinbad, to conceal their ill-gotten gains.However, once Sinbad was taken by US officials in November, Lazarus returned to Tornado Cash, according to Elliptic’s blog post.Roman Storm, one of Tornado Cash’s founders, was arrested last year and is currently facing trial on money laundering accusations.Another, Roman Semenov, has been charged but not detained.
Despite being sanctioned twice, Tornado Cash continues to operate via decentralized smart contracts that cannot be confiscated or taken down.
“The change in behavior and return to the use of Tornado Cash likely reflects the limited number of large-scale mixers now operating, thanks to law enforcement takedowns of services such as Sinbad.io and Blender.io,” Elliptic said.