The crypto world recently experienced a major security breach: attackers exploited Atomic Wallet earlier this month and made off with $35 million in various tokens. The incident has raised alarms within the community, as the stolen funds are now being moved via the OFAC-sanctioned exchange Garantex. Although several crypto exchanges have frozen addresses associated with the hack, some funds have still found their way into Garantex, putting the spotlight on the exchange’s role in the incident and raising questions about its regulatory compliance practices.
Blockchain security firm Elliptic investigated the hack and stated that it was likely the work of the notorious North Korean hacking group Lazarus. The group is known for its ever-growing list of successful cyber heists, and its exploits don’t seem to be slowing down anytime soon. As the world gets more digital, so do the adversaries, and Lazarus is a prime example of the emerging threat landscape that cryptocurrencies face.
The involvement of Garantex in this incident is particularly worrisome due to its OFAC sanction last year. The Office of Foreign Assets Control (OFAC) of the U.S. Treasury had imposed sanctions on the exchange, stating that it had lax anti-money laundering measures in place, making it a haven for illicit players to move money freely. Despite the sanctions, Garantex continues to operate.
To move the stolen funds, the attackers first utilized the on-chain trading tool 1inch before transferring the funds to Garantex, where they were traded for bitcoin. From there, the bitcoin was laundered through Sinbad, a bitcoin mixer service allegedly used by North Korean hacking groups.
The coins stolen from Atomic Wallet’s centralized storage and wallet service included bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), Binance’s BNB coin (BNB), and Polygon’s MATIC. Interestingly, Atomic Wallet stated that the impacted users represented “less than 1% of its monthly active users”, and investigations were ongoing as of June 8.
This incident serves as a stark reminder of the risks inherent in the cryptocurrency ecosystem. On one hand, cryptocurrencies and blockchain technology offer immense benefits such as decentralization, privacy, and global access. On the other hand, they are a perfect breeding ground for cybercrime, and regulatory compliance remains a challenge in many jurisdictions. The Atomic Wallet hack and subsequent movement of funds through Garantex show that both the crypto industry and regulators have a long way to go to ensure the security and safety of the world’s burgeoning digital economy.
Source: CoinDesk