North Korean state-sponsored threat operation Lazarus Group has been linked "with a high level of confidence" to the theft of $35 million from Atomic Wallet earlier last week following the discovery of similar techniques leveraged in the latest intrusion and the hacking group's earlier attacks, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers behind the Atomic Wallet cryptocurrency heist leveraged Sinbad mixer and other services for stolen asset laundering, tactics that have been associated with Lazarus, while the newly exfiltrated assets may have been placed in wallets with proceeds from the operation's previous attacks, according to a report from Elliptic.
Elliptic estimates that more than $2 billion worth of cryptocurrency exchange and decentralized finance assets have been exfiltrated by Lazarus.
Cryptoexchanges, e-commerce platforms, and banks have long been attractive targets to North Korean hackers, with Recorded Future's Insikt Group noting that such attacks have become income generators for the country.