Key Points
- Russian crypto exchange Garantex is reportedly laundering crypto stolen from users of Atomic Wallet.
- Garantex has been sanctioned by the US government for its alleged involvement with the Hydra marketplace.
- The US government claims that Garantex has intentionally ignored Anti-Money Laundering regulations.
- Furthermore, the hack of Atomic Wallet has been connected to Lazarus, a North Korean hacking group.
The world of cryptocurrency has once again fallen prey to the cunning tactics of hackers. The infamous Atomic Wallet hack, which resulted in the theft of a staggering $35 million worth of crypto, has taken a new turn. Blockchain analytics firm Elliptic has revealed that the stolen funds are being laundered through a Russian-based crypto exchange called Garantex. This exchange has already been sanctioned by the US government for aiding the Hydra dark web marketplace.
Despite a significant effort by Elliptic and its exchange partners to freeze the stolen crypto, the hackers, known as Lazarus, have managed to find other means to trade their assets for Bitcoin. It is a classic case of cat and mouse, as the cybersecurity experts try to outsmart the hackers who are always one step ahead.
After a significant and successful cross-community effort between @elliptic, many of our exchange partners and friends to freeze stolen @AtomicWallet funds, Lazarus have now turned to OFAC-sanctioned Exchange, Garantex, to trade their assets for BTC… pic.twitter.com/5Lk9DeGjr8
— Elliptic Investigations (@Elliptic_Inv) June 12, 2023
The Atomic Wallet Hack
The infamous North Korean hacking group, Lazarus, has been linked to the Atomic Wallet hack that resulted in millions of dollars worth of cryptocurrency being stolen. The group has been accused of using these funds to finance the development of the country’s weapons program. The stolen funds have been under surveillance by Elliptic, who have been tracking their movements across various wallets, mixers, and laundering pathways.
As victims report wallet addresses containing stolen funds to exchanges, the hackers have been forced to resort to less reputable exchanges, such as Garantex, in order to exchange their ill-gotten gains for other crypto or fiat currencies. This ongoing saga is a stark reminder of the importance of vigilance and security in the world of cryptocurrency.
The Onset of Garantex
In the fall of 2019, Garantex emerged onto the scene, with its initial registration in Estonia before shifting its focus to Moscow. However, the Treasury Department soon took notice and flagged the company, prompting an investigation.
In April 2022, the U.S. Office of Foreign Assets Control (OFAC) imposed sanctions on Garantex and the infamous Russian Hydra dark web marketplace. Further analysis of Garantex’s transactions revealed a troubling trend: more than $100 million in transactions were linked to illegal activities and the shadowy corners of the internet.
In recent news, it has been reported that the Sinbad.io mixer, a service commonly utilized by the Lazarus Group, has been used to funnel ill-gotten gains. According to Elliptic, the hackers responsible for withdrawing funds from Garantex have been obscuring their trail through the Sinbad.io mixer.
About Sinbad.io
This is not the first time that the Sinbad.io mixer has come under scrutiny. In May 2022, the Treasury Department sanctioned the service, formerly known as Blender.io, for its role in supporting North Korea’s malicious cyber activities and money-laundering of stolen virtual currency.
Furthermore, cybercriminals have been taking advantage of vulnerabilities in Atomic Wallet user accounts, resulting in massive losses of up to $35 million in digital assets.
Garantex, a platform accused of facilitating money laundering operations for the illegal Hydra marketplace, has been sanctioned by the US government for its role in aiding the darknet marketplace. This directly violates existing anti-money laundering laws. The sanctions have dealt a significant blow to cybercriminals, causing them to lose $15 million in potential revenue in just two months. However, Garantex has seen its monthly inflows more than double, suggesting that illegal activities continue to thrive in the virtual currency market.
End Note
The world of cryptocurrency is a high-stakes game where the risks are even higher. Unfortunately, the use of sanctioned exchanges to launder stolen cryptocurrency is a growing problem in the crypto industry. This is why Elliptic, a blockchain analytics firm, has identified the top ten crypto crime threats that have emerged in recent years. They show how these typologies are evolving over time, providing a glimpse into the ever-changing landscape of digital crime.One recent example of this trend is the Atomic Wallet hack.
