Share this article
Atomic Wallet Hackers Use THORChain to Conceal Stolen $35M Funds
The hackers, believed to be North Korean hacking group Lazarus, have been using cross-chain bridges and liquidity protocols to mix stolen funds.
Updated Jun 20, 2023, 12:21 p.m. Published Jun 20, 2023, 10:55 a.m.
Make us preferred on Google
Hackers that targeted crypto wallet Atomic Wallet in a $35 million heist earlier this month have used cross-chain liquidity protocol THORChain to conceal their ill-gotten gains, according to blockchain sleuth MistTrack.
MistTrack states that 503.08 ether , or around $870,000, connected to the hack was transferred to THORChain in the last two days before being swapped for bitcoin .
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Some of the stolen ether was also bridged to multiple bitcoin addresses using the Swft blockchain, MistTrack said.
Last week, the hackers moved a portion of stolen funds to crypto exchange Garantex, which was sanctioned by the Office of Foreign Assets Control (OFAC) of the U.S. Treasury last April.
Blockchain security firm Elliptic said that it believes North Korean hacking group Lazarus are behind the attack.
THORChain's native token (RUNE) remains stable following the string of hack-related transactions, it trades at 84 cents having risen slightly in the past 24-hours, according to CoinMarketCap.
More For You
More For You
The Genius Act ripple effect: Sui executives say institutional demand has never been higher
Evan Cheng and Stephen Mackintosh said 2025 marked a turning point for institutional adoption, with tokenization and agentic commerce emerging as the next frontier.
What to know:
- Executives cited ETF flows, DAT growth and major trading firms entering crypto.
- Tokenization and instant settlement could blur the line between traditional and decentralized markets.
- Low-latency design and composable tooling aim to power AI-driven and tokenized financial use cases.
Top Stories
