Blockchain Tracks North Korean Hackers’ Movement of Funds Following WazirX Incident

September 9, 2024
Blockchain analytics firm Arkham Intelligence has tracked the movement of over $11 million in ether (ETH) by the North Korean hackers believed to be responsible for the July hack on India’s WazirX crypto exchange. The funds were moved to the mixing service Tornado Cash early Monday morning, raising concerns about the hackers’ attempts to obfuscate the stolen assets.

North Korean Hackers Move Funds

Arkham’s on-chain data analysis reveals that the hackers moved over 5,000 ETH, worth just over $11 million at current prices, from a wallet associated with the WazirX heist to a new address at 07:19 UTC on Monday. Shortly thereafter, $1.2 million in tokens from that address were sent to Tornado Cash in five separate transactions.

While Arkham Intelligence has not definitively confirmed that the funds moved on Monday were directly from the WazirX hack, the timing and the association of the wallet with the North Korean hackers, combined with the earlier analysis pointing towards the Lazarus Group, strongly suggest a connection. 

This highlights the ongoing challenges faced by law enforcement and cryptocurrency exchanges in tracking and recovering stolen funds. The use of mixing services like Tornado Cash adds another layer of complexity to the already difficult task of combating cybercrime in the cryptocurrency space.

North Korean Hackers’ Lazarus Group Suspected

The WazirX hack, which resulted in the loss of over $100 million in SHIB, $52 million in ETH, and other assets, was a significant blow to the Indian crypto exchange. The exchange has been grappling with the fallout, including restructuring efforts to manage the crisis.

Just days after the July 18 WazirX hack, independent crypto sleuths like ZachXBT and cybersecurity firm Cyfirma pointed fingers towards the Lazarus Group, a notorious North Korean hacking collective, given the modus operandi of the attack.

Blockchain analytics firm Elliptic said in July, “On-chain analysis and other information reviewed by Elliptic indicates that this hack was perpetrated by hackers affiliated with North Korea.” Elliptic also noted at the time that it “has added the address associated with the thief to our system, ensuring that our clients will be alerted if they receive any of these funds.”

The incident underscores the importance of robust security measures for cryptocurrency exchanges and the need for increased vigilance in the face of evolving cyber threats. WazirX has stated that it is cooperating with law enforcement agencies in its investigation and is taking steps to enhance its security protocols to prevent future attacks.

Yona has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Daily is an official media and publication of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
