Hackers are swapping stolen funds for Bitcoin before laundering proceeds through the Sinbad mixer, according to Elliptic.
On June 3, non-custodial crypto wallet Atomic Wallet fell victim to a hack that resulted in $35 million in user losses. An investigation conducted by blockchain intelligence firm Elliptic reveals that the hack is very likely linked to North Korea’s Lazarus Group, a notorious group of “state-sponsored” hackers.
Elliptic’s investigation trail found that stolen assets are being laundered through the Sinbad mixer, a mixer used by the Lazarus Group in past hacks. The laundering also follows a series of steps that “exactly match” those previously used by the group.
“It’s possible that the stolen cryptoassets have been co-mingled in wallets that hold the proceeds of past hacks perpetrated by Lazarus Group,” the firm added.
Atomic Wallet acknowledged the hack on Twitter, stating that “less than 1%” of users have been affected.
Elliptic on the other hand reported that “a large number” of wallets had been breached, with funds being swapped for Bitcoin before being laundered through Sinbad.
Sinbad mixer has been used intensively to launder over $100 million in past Lazarus Group hack proceeds, including assets from the $540 million Axie Infinity hack and $100 million Horizon Bridge attack.
Atomic Wallet is non-custodial, meaning users are entirely responsible for their recovery keys and funds. The company tweeted today they are working to trace and block stolen funds as the investigation continues.
Independent investigator and “on-chain sleuth” ZachXBT found that the largest victim of the attack was found on Tron with a staggering $7.95 million USDT stolen.
Devastating as the hack is to users who lost funds, it won’t come as a surprise to everyone. In February, a security audit conducted by Least Authority warned that Atomic Wallet may be at risk of a security breach.
“We strongly recommend that the Atomic Wallet team immediately notify users of the existing security vulnerabilities,” the blog post read. “In addition, until the issues and suggestions outlined in the report have been sufficiently remediated and the Atomic Wallet has undergone subsequent security audits, we strongly recommend against the Atomic Wallet’s deployment and use.”
In response, Atomic’s CEO Konstantin Gladych announced that recommended changes would be implemented in late 2022.
Disclaimer: CryptoPlug does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.