
North Korea Hacking Collective Traced to Crypto Mixer in Atomic Wallet Hack

By Marcel Bich

Aug 10, 2023
According to Elliptic's study, the hackers used the Sinbad.io mixer to launder the funds taken from the Atomic Wallet breach

Last week, unidentified attackers exploited a significant vulnerability in Atomic Wallet, draining more than $35 million from the multichain cryptocurrency wallet.

Stolen Money from Atomic Wallet Laundered

A “large number” of wallets were impacted by the vulnerability, according to Elliptic’s investigations team, which reported its findings a few days after the non-custodial cryptocurrency wallet disclosed the attack. Atomic Wallet had initially claimed that “less than 1%” of users were impacted.

At the time, BeInCrypto stated that the attack affected at least 100 wallet addresses and many other cryptocurrencies.

In February, Elliptic’s investigation revealed that Sinbad.io is a rebranded version of Blender.io, which the U.S. Department of the Treasury had previously sanctioned for its connections to the laundering of stolen funds. This came after the Treasury sanctioned the Tornado Cash cryptocurrency mixer in August 2022.

While tracing the transaction trail, investigators came across a well-known mixer that is frequently used in money laundering. Blender attracted attention because North Korea’s Lazarus Group used it to launder money. The group is said to have laundered cryptocurrencies worth over $100 million.

Blender Reemerges as Sinbad

Sinbad made its debut in April 2022, the same month that Blender shut down.

According to a previous analysis by Elliptic, Blender and Sinbad are connected to Russia and have similar transactional patterns, financing sources, operating characteristics, website layouts, and language support. In light of Blender’s shutdown and disappearance, the research suggests that the service may have decided to rebrand in order to escape fines and regain user trust.

Hackers previously used Blender to launder millions in funds stolen during the Axie Infinity incident. Axie Infinity lost more than $600 million in March 2022 because of a cross-chain bridge vulnerability.

At the time, the Treasury said in a statement that it would continue to investigate the use of mixing services for criminal conduct. It may not be long before Sinbad.io comes under the eyes of the law.

An earlier blog post by Elliptic described how mixers were used to move the stolen money across various blockchains and assets despite the constraints involved. According to reports, the hackers employed cross-chain bridges as well as centralized and decentralized exchanges to obscure the transaction trail.

Marcel Bich

Marcel’s passion for the world of cryptocurrencies and his comprehensive knowledge of blockchain technology make him an invaluable asset to our team. He stays updated on the latest trends, regulations, and emerging technologies in the crypto space, ensuring that our audience receives accurate and up-to-date information.