The attackers who hacked the non-custodial wallet Atomic Wallet transferred 503 ETH to the THORChain platform and exchanged assets for bitcoin, SlowMist experts drew attention.
North Korean hackers are using new methods to launder funds linked to the @AtomicWallet hack.
— MistTrack🕵️ (@MistTrack_io) June 20, 2023
Since June 2, a number of Atomic Wallet user accounts have been compromised.
Experts disagreed on the damage assessment. According to Elliptic, its amount exceeded $100 million. The company counted more than 5,500 affected wallets. As of June 8, SlowMist identified 333 compromised addresses with a combined loss of $21.7 million.
Earlier, on-chain analysts discovered that hackers sent the stolen funds to the Sinbad.io mixer, as well as to the Russian bitcoin exchange Garantex, which is under US sanctions.
According to SlowMist experts, the attackers have expanded the ways of laundering assets by using the THORChain multi-chain protocol and the SWFT Blockchain bridge in transactions.
The firm’s specialists linked the attack on Atomic Wallet to North Korean hackers. Elliptic also noted that Sinbad.io is actively used by the Lazarus Group associated with Pyongyang.
Recall that the law enforcement agencies of Kazakhstan summoned the management of Atomic Wallet for questioning.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!