Blockchain investigator ZachXBT has identified hackers tied to North Korea’s Lazarus Group laundering $1.95 million worth of stolen crypto through the mixer Tornado Cash.
North Korea’s Hackers Use Tornado Cash to Obfuscate the Trail of $1.95M Ethereum
The theft originated from a May 16, 2025, attack where a victim lost $3.2 million from multiple Solana addresses, according to ZachXBT. The hackers market-sold the assets and bridged funds to the Ethereum chain before depositing 800 ETH into Tornado Cash across two transactions: 400 ETH on June 25 and another 400 ETH on June 27.
Image shared by ZachXBT in his Telegram channel.
Approximately $1.25 million in DAI and Ethereum remains untouched at the address “0xa5f,” ZachXBT stated. The Solana theft address is identified as “C4WY1.”
The Lazarus Group, a state-sponsored hacking collective operated by North Korea, conducts large-scale cyberattacks to fund the regime’s weapons programs. It has stolen billions in cryptocurrency since 2018 through exchange hacks, ransomware, and phishing schemes, drawing sanctions from the U.S. Treasury.
Authorities and investigators like ZachXBT will likely monitor the unmoved $1.25 million as blockchain analysts trace the Lazarus Group’s cross-chain laundering tactics. With Tornado Cash’s role, however, the Ethereum-based tool obscures transaction trails and makes it more difficult.
#Binance #wendy #BTC $BTC $ETH $BNB
