According to a report by blockchain investigator ZachXBT, the notorious North Korean hacker group Lazarus is believed to be behind a recent cyberattack that resulted in the theft of approximately $3.2 million in cryptocurrency. The incident occurred on May 16, when an unidentified user was targeted in a sophisticated exploit.
Following the attack, the stolen assets were swiftly liquidated and moved across blockchain networks—initially from Solana and later bridged to Ethereum. In a suspected attempt to obscure the origin of the funds, the attackers deposited 400 $ETH into the crypto mixing service Tornado Cash on June 25, followed by another 400 ETH deposit on June 27.
This event marks yet another high-profile crypto theft linked to the Lazarus Group, which has been repeatedly accused of using digital assets to fund North Korea’s sanctioned programs. The case highlights the ongoing security threats in the decentralized finance ecosystem and the increasing use of privacy tools to evade tracking.