Amid growing concerns about illicit activities involving cryptocurrencies, reports have emerged linking North Korean hackers associated with the notorious Lazarus Group to an exploit of Ethereum (ETH) through the virtual currency mixer Tornado Cash.
A user of social media platform X (formerly Twitter) now claims that the hackers are involved in a transfer to BlackRock, the largest asset management firm.
Alleged Transaction Links North Korean Hackers To BlackRock
The user, operating under the pseudonym “Icebergy,” shared an image suggesting a transaction tied to North Korean hackers transferring 1 ETH, valued at $3,270, to BlackRock for undisclosed reasons.
If true, this development may pose challenges for the asset manager. Tornado Cash and the Lazarus Group have faced increased scrutiny from US regulators due to potential illicit activities facilitated by the mixer and alleged violations of anti-money laundering (AML) regulations within the US jurisdiction.
As reported by Bitrabo, in 2022, Tornado Cash faced legal action from the US Treasury Department’s Office of Foreign Assets Control (OFAC). The agency targeted the software due to its alleged role in allowing cybercriminal activity.
The US agency claims that bad actors used Tornado Cash to launder over $7 billion worth of crypto assets since its launch in 2019.
Consequently, OFAC sanctioned the mixer’s wallets and other smart contracts associated with its operations. The sanctions also contain allegations of “facilitating” money laundering for hackers supporting foreign terrorists, as a significant number of hacking incidents involving crypto asset theft have been linked to terrorist groups.
Notably, in February 2023, Chainalysis reported that North Korean hacking groups had stolen up to $2 billion in crypto assets in 2022, frequently utilizing Tornado Cash to obfuscate their transactions.
Additionally, it has been revealed that North Korean hackers, believed to be part of the Lazarus Group, exploited the coin-mixing service Tornado Cash to launder approximately $12 million worth of stolen Ethereum on March 14.
Tornado Cash Returns To Focus
As blockchain analytics firm Elliptic reported, in response to the sanctions imposed on Tornado Cash, the Lazarus Group briefly shifted its focus to using cross-chain bridges and the Bitcoin-based mixer Sinbad.io as an alternative.
However, US authorities seized Sinbad.io in November 2023, eliminating another option for commingling funds. Consequently, the group appears to have returned to utilizing Tornado Cash.
Ultimately, the motive behind the alleged transfer of ETH tied to North Korean hackers remains undisclosed, and the relatively small amount involved raises questions about its specific objective.
At the time of writing, BlackRock has not responded to the matter, and no further information has been released. It is important to note that BlackRock has consistently operated within the US regulatory frameworks and complied with federal laws, which led the asset manager to receive approval from the US Securities and Exchange Commission (SEC) for its Spot Bitcoin Exchange Traded Fund (ETF) under the ticker IBIT.
Furthermore, the presence of BlackRock’s on-chain addresses on the public blockchain does not necessarily indicate a collaborative effort but rather a unilateral move by the alleged North Korean side, perhaps to generate controversy surrounding the asset manager’s reputation.
Ethereum (ETH) has successfully rebounded to reach the $3,511 mark following a significant decline to the $3,069 level. In the past 24 hours, the second-largest cryptocurrency by market capitalization has experienced a notable surge of 10%. However, the token still retains losses exceeding 6% over the past week.