Hackers like Lazarus continue to use Tornado Cash despite US sanctions
North Korean hackers tied to its infamous Lazarus Group have used coin mixing service Tornado Cash to launder $12 million worth of ether (ETH) over the past 24 hours.
Research from blockchain analytics firm Elliptic shows that more than 40 transactions have been sent by Lazarus Group to Tornado Cash on March 13 and March 14. Elliptic has also attributed a $100 million Heco Bridge and HTX hack last November to Lazarus Group.
Lazarus is responsible for hacks worth more than $3 billion over the past six years, according to a report by cybersecurity firm Recorded Future. Tornado Cash was hit by U.S. sanctions in August 2022. This spurred Lazarus Group to use another mixer, Sinbad, to obfuscate their ill-gotten gains. However, Sinbad itself was seized by U.S. authorities in November, prompting Lazarus to make the shift back to Tornado Cash, Elliptic said in its blog post. One of Tornado Cash's founders, Roman Storm, was arrested last year and is awaiting trial on money laundering charges. Another, Roman Semenov, has been charged but has yet to be arrested.