Blockchain analytics firm Elliptic revealed that North Korea-backed hacker group Lazarus is once again using sanctioned crypto mixer Tornado Cash to obfuscate its transactions.
Last year, the group stopped using the crypto mixer following US government sanctions imposed over allegations of helping criminals launder illegally acquired digital assets.
After the sanctions, Tornado Cash saw an 85% decrease in overall volume as hackers began using alternatives such as Sinbad.io and cross-chain bridges.
Why the Lazarus Group Returned to Tornado Cash
However, the US government’s sanctions against Sinbad.io for facilitating money laundering by North Korean state-sponsored hacking groups provide limited options for Lazarus.
That’s why the group turned to Tornado Cash, which has remained operational despite US sanctions due to its decentralized nature.
Elliptic also disclosed that the group recently moved approximately $13 million in funds stolen from the HTX Exploit. These funds have been transferred via Tornado Cash in more than 40 transactions over the past three days, marking the first movement since the November 2023 incident.
What does this mean for the sector?
Lazarus Group’s return to Tornado Cash reflects the government’s inability to effectively curb the mixer’s activities, Elliptic said.
The company explained that Tornado Cash cannot be seized and closed like centralized mixers because it works through smart contracts on decentralized blockchains.
Tom Robinson, the co-founder of Elliptic, added:
“The removal of centralized mixers by law enforcement agencies may push crypto laundering back to decentralized alternatives.”
DeFillama data further indicates a resurgence of the platform, with the total value of locked assets reaching $565 million, marking the highest level since the US government imposed sanctions in 2022.
This uptrend is also reflected in the protocol’s native TORN token, which was trading at around $2 at the time of writing – up 13% over the past day, based on CryptoSlate facts.
Meanwhile, the crypto community has rallied behind the project’s developers after multiple governments, including the US, targeted them with legal action. Notable crypto stakeholders such as Coinbase have supported the developers’ legal defense.
