Entities aligned with the North Korean regime engaged in significant money laundering of stolen cryptocurrency assets in March, utilizing the privacy protocol Tornado Cash. This was revealed in a confidential United Nations (UN) report accessed by Reuters. The report discloses that the notorious group of cyberattackers, known as the Lazarus Group, managed to transfer a dormant cache of stolen crypto assets back to North Korea.
In a particularly egregious cyber theft, North Korean hackers illicitly seized approximately $147.5 million worth of cryptocurrencies from HTX, a crypto exchange founded by Tron founder Justin Sun. This incident occurred in March 2023, but it wasn’t until a year later that the stolen funds were funneled into North Korea using Tornado Cash. Such crypto mixing services as Tornado Cash are favored by hackers and scammers, who employ these tools to anonymize stolen crypto assets, rendering them untraceable.
The UN’s ongoing investigations have revealed the extensive scope of North Korea’s cybercriminal activities. According to the report highlighted by Reuters, the organization is looking into 97 North Korean cyberattacks that collectively pilfered around $3.6 billion worth of cryptocurrencies between 2017 and 2024. In the year 2024 alone, UN monitors have scrutinized “11 cryptocurrency thefts … valued at $54.7 million,” many of which have been linked to IT workers from the Democratic People’s Republic of Korea (DPRK) who were inadvertently hired by small crypto-related companies.
The United States had previously sanctioned Tornado Cash in 2022, accusing it of assisting North Korea in bypassing cross-border remittance sanctions. Despite these allegations, the protocol and its founders disputed these claims for over two years.
In a significant development on May 14, Alexey Pertsev, the creator of the cryptocurrency mixing protocol Tornado Cash, was convicted of money laundering. This conviction has potentially serious implications for developers of open-source code. Pertsev received a prison sentence of five years and four months for allegedly laundering $1.2 billion worth of illicit assets through the platform. His legal team was granted 14 days to appeal the court’s decision.
It is essential to note that the misuse of Tornado Cash extends beyond North Korea. The protocol is a popular tool within the global hacker community for concealing stolen funds. Evidence of this can be seen in the findings of PeckShield, a blockchain investigation firm, which uncovered a significant transfer on May 14.
According to PeckShield, stolen Ether worth $53 million, linked to a $100 million Poloniex hack, was moved into Tornado Cash. The hacker managed to transfer over 17,800 ETH from six separate wallets into a single Tornado Cash address, as depicted in the flowchart.
The utilization of Tornado Cash by hackers underscores the broader issue of cryptocurrency security and the challenges facing regulatory authorities in managing such illicit activities. The ongoing investigations and subsequent legal actions against entities like Tornado Cash exemplify the critical need for enhanced scrutiny and regulatory measures in the crypto space.
Props to the diligent UN investigators. This article brought out some hard truths.
Pertsev’s conviction raises so many questions about the future of open-source coding.
This truly highlights the darker side of cryptocurrency’s anonymity features.
Tornado Cash certainly got caught up in a massive web with these revelations.
Pathetic to see these crypto mixers enabling cybercriminals. Tornado Cash being used by North Korea is just the latest example of how these tools are abused.
The scale of North Korea’s operations is just mind-boggling. This truly is a wake-up call for the crypto world.
North Korean cybercrimes are on another level. Its critical to keep our guard up.
The crypto world keeps taking hits from these hacks! North Korea’s use of Tornado Cash for money laundering is beyond appalling. Why isnt more being done to stop this?!
Another blow to the cryptocurrency world. Stolen crypto funneled into North Korea using Tornado Cash just proves how vulnerable the system still is.
That’s some impressive investigative work by the UN and PeckShield. Hats off to them!