North Korea used tornado cash to loot HTX’s $147.5m: UN

Entities representing the North Korean regime used privacy protocol Tornado Cash to launder nearly $150 million in stolen cryptocurrency assets in March.

According to a leaked secret United Nations (UN) report to Reuters, notorious cyber attackers dubbed the Lazarus Group took a sleeping bag containing stolen crypto assets to their home in North Korea.

In the year In March 2023, North Korean hackers withdrew $147.5 million worth of cryptocurrencies from HTX, a crypto exchange owned by Tron founder Justin Sun. A year later, the funds were smuggled into North Korea using Tornado Cash.

Crypto mixing services like Tornado Cash are handy tools for hackers and fraudsters. Bad actors use stolen crypto-assets to keep them anonymous and untraceable.

According to a Reuters report, the United Nations is investigating 97 North Korean cyber attacks between 2017 and 2024 that have led to an estimated $3.6 billion worth of cryptocurrencies.

In the year In 2024 alone, UN inspectors investigated “11 cryptocurrency thefts…worth $54.7 million” in which “Democratic Republic of Korea (DPRK) IT staff were unwittingly hired by small crypto-related companies.”

The United States imposed sanctions on Tornado Cash in 2022 for allegedly helping North Korea evade cross-border money transfers. However, the protocol and its founders have denied the allegations for more than two years.

On May 14, Alexei Persev, the developer of the cryptocurrency mixing protocol Tornado Cash, was found guilty of money laundering, which has serious implications for open source code developers.

Persev was sentenced to five years and four months in prison for embezzling $1.2 billion worth of illicit assets from the platform. The legal representatives were given 14 days to appeal the court's decision.

Related: Crypto-mixing ‘not a crime,' says CryptoQuant CEO

The use of Tornado Cash to steal stolen funds is not limited to North Korea. Rather, it is a highly sought-after technique in the global hacking community.

On May 14, blockchain investigative firm PeckShield transferred an estimated $53 million worth of stolen ether linked to Poloniex's $100 million hack into Tornado Cash.

As shown in the flowchart above, the hacker transferred over 17,800 ETH from six different wallets to one Tornado Cash address.

Magazine: ‘Sic AIs on Each Other' AI to Prevent Apocalypse: David Brin, Sci-Fi Author