February 21, 2024

MistTrack: Atomic Wallet Hackers Used THORChain to Hide Stolen Funds

Article Reading Time:
2 minutes.

MistTrack: Atomic Wallet Hackers Used THORChain to Hide Stolen Funds

The hackers who stole funds from the Atomic Wallet crypto wallet used the THORChain cross-chain liquidity protocol to hide the stolen funds, MistTrack analysts report.

More than 500 stolen ETH were transferred toTHORChain in the last two days and then exchanged for Bitcoin. According to analysts, some of the stolen ether was redirected to several Bitcoin addresses using the Swft blockchain.

Last week, hackers transferred somestolen funds to the Garantex exchange, which was sanctioned by the US Treasury Department's Office of Foreign Assets Control (OFAC) in April last year. Garantex itself announced that it had blocked all accounts associated with the Atomic hack and was ready to cooperate with law enforcement agencies.

Security company Ellipticblockchain, said it believed the North Korean hacker group Lazarus was behind the attack. Elliptic also noted that the losses suffered by Atomic Wallet users as a result of the hacker attack amount to $100 million. 

Earlier, Elliptic reported that crypto assets that were stolen from Atomic Wallet wallets began to flow to the Sinbad service, popular with Lazarus Group hackers.

One of the affected Atomic usersWallet lost 1,897 ETH ($3.5 million). Also, the five largest wallets from which hackers withdrew funds lost a total of $9.7 million. The only way to protect assets for Atomic Wallet users is to transfer funds to new addresses, created using different software.