Stolen loot crypto from Atomic wallets has started passing through sanctioned Russian-based exchange Garantex, according to blockchain security firm Elliptic.
Illicit funds gained from the $35 million Atomic Wallet hack are on the move again, with sanctioned Russian-based crypto exchange Garantex reportedly becoming the latest to come in contact with the hacked crypto.
On June 13, blockchain security and compliance firm Elliptic updated the situation regarding the stolen Atomic Wallet funds. It alleges that the North Korean hacking collective, the — which it believes is behind the attack — has used sanctioned Russian-based crypto exchange Garantex to launder the loot.
In a tweet, the firm said there had been a significant and successful cross-community effort between Elliptic and many exchange partners to freeze the stolen crypto. However, Lazarus has now found other means to trade its assets for Bitcoin
Garantex was founded in late 2019 and originally registered in Estonia before moving the majority of its operations to Moscow, the Treasury Department at the time.
“Analysis of known Garantex transactions shows that over $100 million in transactions are associated with illicit actors and darknet markets,” it added.
Earlier this month, Cointelegraph reported that the ill-gotten gains were being , a service frequently used by the Lazarus Group.
Elliptic added that the funds withdrawn from Garantex by the hackers continue to be obfuscated through the Sinbad.io mixer.
The Treasury Department also sanctioned Blender.io (the former iteration of Sinbad.io) in May 2022, warning that the service was being used by North Korea to “support its malicious cyber activities and money-laundering of stolen virtual currency.”
Illicit funds gained from the $35 million Atomic Wallet hack are on the move again, with sanctioned Russian-based crypto exchange Garantex reportedly becoming the latest to come in contact with the hacked crypto.
On June 13, blockchain security and compliance firm Elliptic updated the situation regarding the stolen Atomic Wallet funds. It alleges that the North Korean hacking collective, the — which it believes is behind the attack — has used sanctioned Russian-based crypto exchange Garantex to launder the loot.
In a tweet, the firm said there had been a significant and successful cross-community effort between Elliptic and many exchange partners to freeze the stolen crypto. However, Lazarus has now found other means to trade its assets for Bitcoin
Garantex was founded in late 2019 and originally registered in Estonia before moving the majority of its operations to Moscow, the Treasury Department at the time.
“Analysis of known Garantex transactions shows that over $100 million in transactions are associated with illicit actors and darknet markets,” it added.
Earlier this month, Cointelegraph reported that the ill-gotten gains were being , a service frequently used by the Lazarus Group.
Elliptic added that the funds withdrawn from Garantex by the hackers continue to be obfuscated through the Sinbad.io mixer.
The Treasury Department also sanctioned Blender.io (the former iteration of Sinbad.io) in May 2022, warning that the service was being used by North Korea to “support its malicious cyber activities and money-laundering of stolen virtual currency.”