Saturday, July 13, 2024

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed that the North Korean hacker group Lazarus was using it to launder funds that had been stolen.

Millions of dollars worth of virtual currency from Lazarus Group thefts, such as the Horizon Bridge and Axie Infinity heists, have been processed by Sinbad.

Cybercriminals also utilize Sinbad to disguise transactions connected to unlawful operations like drug trafficking, evading sanctions, buying materials involving child sexual abuse, and other illegal sales on darknet markets.

Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Sinbad is behind Several of the Largest Crypto Hacks 

According to the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the Lazarus Group prefers Sinbad as a mixing service, and Sinbad is accountable for materially aiding in the laundering of millions of dollars in virtual currency that has been stolen. 

By hiding the origin, destination, and counterparties of illegal transactions, Sinbad, which runs on the Bitcoin blockchain, indiscriminately helps them along.

Some industry insiders believe that Sinbad is the replacement for the mixer, which OFAC assigned to supply mixing services to the Lazarus Group.

A substantial amount of the $100 million in virtual currency taken from Atomic Wallet users on June 3, 2023, was laundered through Sinbad.

A sizable amount of virtual money from the $620 million Axie Infinity heist in March 2022 and the $100 million Horizon Bridge crime in June 2022 was also laundered through the usage of Sinbad.

Over the course of its more than 10 years of operation, the Lazarus Group is thought to have committed many crimes totaling over $2 billion in digital assets.

Details of Sanctions

As a result of the action on Wednesday, Sinbad’s U.S. assets are frozen, and Americans are typically prohibited from interacting with it. Individuals who use the mixer in specific ways run the danger of facing penalties.

According to a notice on its website, the service has been taken down as part of a coordinated law-enforcement operation, including the FBI and organizations in Finland and the Netherlands.

“Mixing services that enable criminal actors, such as the Lazarus Group, to launder stolen assets will face serious consequences,” said Deputy Secretary of the Treasury Wally Adeyemo. 

“The Treasury Department and its U.S. government partners stand ready to deploy all tools at their disposal to prevent virtual currency mixers, like Sinbad, from facilitating illicit activities. While we encourage responsible innovation in the digital asset ecosystem, we will not hesitate to take action against illicit actors.”

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles