Fintechs.fi

Fintech & Crypto News

Hacker Uses OFAC-Sanctioned Garantex To Launder Stolen $35M

Before sending the stolen money to Garantex, the hackers traded the assets for USDT on the on-chain trading site 1inch.

The crypto assets stolen in the Atomic Wallet hack have been sent to Garantex, the sanctioned Russian cryptocurrency exchange, where the thieves traded the tokens for Bitcoin (BTC).

A blockchain analytics company called Elliptic said in a tweet that the hackers, who are thought to be part of the controversial North Korean Lazarus Group, have turned to Garantex as several crypto exchanges work together to freeze funds related to the hack.

Atomic Wallet Hackers Use Garantex

Last year, a few months after Russian President Vladimir Putin invaded Ukraine, the Office of Foreign Assets Control (OFAC) imposed sanctions on Garantex. The U.S. Treasury said that the exchange had weak anti-money-laundering controls and allowed illicit actors to use it. But the exchange kept running, and it has played a big part in facilitating illicit crypto transactions.

The decentralised, non-custodial Atomic Wallet was hacked earlier this month, and several users said that their accounts were emptied. Even though the biggest victim lost six figures, the attackers stole more than $35 million worth of crypto assets in total. BTC, Ether (ETH), Tether (USDT), Dogecoin (DOGE), Litecoin (LTC), BNB Coin (BNB), and Polygon (MATIC) are among the stolen assets.

A few days after the hack, the hackers sent the stolen cryptocurrency to Sinbad.io, a service the Lazarus Group uses to launder cryptocurrency. Funds from Garantex are still being sent to Sinbad.io.

Before sending the stolen assets to Garantex, the hackers traded them for USDT on the on-chain trading site 1inch. After being traded for BTC on Garantex, the funds were moved from Garantex to Sinbad.io.

Continued Investigation

The Atomic Wallet team says that less than 1% of its monthly users were affected by the attack. The team said it hired Chainalysis, a blockchain security company, as lead investigator and worked with a number of exchanges and analytics companies to find and freeze the stolen money.

It is still not clear whether Atomic Wallet has reported the incident to the police. The platform also has not identified the attack vector or said whether it plans to compensate victims.