- North Korean hacking group Lazarus is suspected of being behind the attack.
- The Atomic Wallet hack led to a loss of over $35 million in cryptocurrency.
- Blockchain analytics firm uncovered interesting patterns that point to North Korean hackers.
On Saturday, June 3, 2023, users of the Atomic Wallet woke up to a rude awakening. Hackers found an exploit in the wallet’s code, enabling them to siphon funds from individual wallets. After targeting major wallet holders, hackers managed to steal as much as $35 million from wallet users.
What Evidence Links North Korea to the Hack?
On Tuesday, June 6, Blockchain intelligence firm Elliptic stated in a blog post that the Atomic Wallet hack could be the doing of Lazarus, the infamous North Korean hacking group. Independent crypto investigator ZachXBT corroborated these claims, telling CNN that North Korean hackers were likely responsible for the breach.
On-chain data shows that hackers used a crypto mixer known to be favored by North Korea’s most notorious cyber-hacking group. Moreover, Elliptic noted that hackers followed a “series of steps that exactly match those employed to launder the proceeds of past hacks perpetrated by Lazarus Group.”
If true, the hack would be the first major operation by the Lazarus Group since June 2022 Horizon Bridge exploit. Back then, Lazarus stole $100 million from the protocol linking Harmony, Ethereum, and BSC.
Who Are the Infamous Lazarus Hackers?
The Lazarus Group, also known as the Guardians of Peace or Whois Team, is a cybercrime group that allegedly answers to the government of North Korea. The group is responsible for sophisticated cyber-attacks, including the 2014 Sony Pictures hack and the WannaCry ransomware attack in 2017.
In recent years, Lazarus has turned its attention to crypto, with several reports linking them to large-scale cryptocurrency heists. The group is known for its advanced techniques and the use of crypto mixers to obfuscate the trail of stolen assets, making it harder for investigators to track the stolen funds.
On the Flipside
- There is no definitive evidence that Lazarus was behind the attack. Its procedures and techniques are matters of public knowledge, meaning that copycats could as well be behind the hack.
- Following the hack, unscrupulous scammers were looking to victimize Atomic Wallet owners again. Luring them with fake refunds, scammers tried to get the funds the hackers couldn’t.
Why This Matters
For crypto traders, the Atomic Wallet hack serves as a wake-up call about the potential vulnerabilities in the crypto space. The incident underscores the importance of due diligence when selecting a wallet.
Read more about the last hack by Lazarus:
Read about the effects of the SEC’s crypto crackdown: