The gang, identified by the Treasury as the Lazarus Group, also known for the 2014 Sony Pictures hack, has laundered about $100 million (about 17%) of the crypto it has stolen so far, according to blockchain analysis company Elliptic. By converting it to the cryptocurrency Ethereum, they moved the haul beyond the direct reach of US authorities. This, unlike the cryptocurrencies they stole, cannot be compromised remotely. Since then, the gang has largely obscured the origin of the crypto by sending it in installments through a program called Tornado Cash, a service known as a mixer that pools digital assets and hides their owners.
Authorities and major crypto industry players are scrambling to catch up. The Treasury sanctioned three more addresses associated with the gang on Friday, as Binance, a large international crypto exchange, announced it had frozen $5.8 million worth of crypto the hackers transferred to the platform.
The cat-and-mouse game between law enforcement and North Korean hackers is another example of how criminals have learned to target the weaknesses of the growing crypto economy. They abuse flawed code on decentralized crypto platforms, use tools that help hide their tracks, such as converting assets into privacy-enhancing cryptocurrencies like Monero, and take advantage of uneven cross-border law enforcement coordination.
The North Korean case also puts a spotlight on the crypto industry, which is eager to demonstrate its credibility to regulators, investors and customers while maintaining the bohemian spirit of crypto. Some of the largest companies in the sector welcome government oversight and promote their investment in internal compliance programs.
Nonetheless, a Washington Post review of crypto accounts sanctioned by the Treasury over the past year and a half found four wallets that could still trade freely months after being blacklisted by the government. The apparent lapse is due to defective or incomplete compliance programs at Tether and the Center Consortium. These are the two companies involved in the issuance of so-called stablecoins, a type of cryptocurrency whose value is fixed to external assets, usually the dollar.
“We are at a particularly important moment. Everyone is still learning what is possible and how attacks can occur. The borderless nature of cryptography sets the standard globally. It’s difficult to apply,” said Chris DePow, Elliptic’s compliance officer. “These are people who are acting all over the world. Even if one jurisdiction is doing very well, if there are other jurisdictions that are weakly enforced, problems will arise.”
Digital thieves are on track for a record year. According to blockchain data company Chainalysis, after taking $3.2 billion in 2021, they stole $1.3 billion worth of cryptocurrencies in the first three months of this year. Hackers pulled off another major heist last Sunday, stealing about $76 million worth of digital assets from a crypto project called Beanstalk, according to Etherscan data.
As the success of cybercriminals grows, so does the urgency of US authorities, who view the attacks as a threat to national security. According to UN investigators, the Lazarus Group is an important source of funding for North Korea’s nuclear and ballistic missile program. And Russian hackers temporarily disrupted the operation of an important American fuel pipeline and the world’s largest meat supplier last spring, relenting only after collecting millions of dollars in cryptocurrency. (Most of the Colonial Pipeline ransom was later recovered.)
Russia’s invasion of Ukraine has sharpened the focus of policy makers on this issue. Some lawmakers are worried that the Kremlin and oligarchs could use crypto to circumvent international sanctions that block access to traditional financial channels.
So far, they haven’t. “It’s hard to imagine what happens with cryptography,” Treasury Secretary Janet Yellen said Thursday. But the department also shows that it is not seizing the opportunity. “The Putin administration has sanctioned even the most complex assets,” the Biden administration said in a statement announcing that it had leveled sanctions on Russian crypto mining company BitRiver and its 10 subsidiaries.
US authorities also continue to target Russian cybercriminals and the crypto platforms they rely on to enable attacks. Earlier this month, US law enforcement agencies announced the closure of Russia-based Hydra Market, a darknet marketplace allegedly selling hacked personal information, drugs and hacking services.
As part of the crackdown, the Treasury has also sanctioned Garantex, a Russian cryptocurrency exchange that the department said handled more than $100 million in illegal transactions, including $2.6 million related to Hydra. The Treasury said the move was based on sanctions enacted last year against two other Russian cryptocurrency exchanges, Suex and Chatex, which operate in the same office tower in Moscow’s financial district.
This designation means that crypto companies that interact with the US financial system need to block transactions with sanctioned entities, Elliptic’s DePow said. However, a Post review found that neither Tether nor the Center Consortium was blocking all transactions involving sanctioned addresses.
Tether continued to allow transactions with crypto accounts allegedly belonging to Chatex, more than half of whose business was linked to illegal or high-risk activities, including ransomware attacks, according to the Treasury. One Tether address received and sent about $15,000 by April 19, according to a Post review of blockchain data from Etherscan. Another received and sent about $42,000 in the last six months.
“We are conducting ongoing market surveillance to ensure that there are no irregular movements or measures that could violate applicable international sanctions,” Tether said in a statement. Chatex did not respond to the request for comment.
Not all transactions involving sanctioned addresses are invalid. Mainstream exchanges can consolidate the funds held in sanctioned accounts, depriving the hackers who previously owned them of the profits. And sometimes the Treasury approves individual transactions with sanctioned accounts.
Separately, the Center Consortium, a joint venture between U.S. cryptocurrency companies Coinbase and Circle that issues USD Coin, the second-largest stablecoin, did not freeze three wallets owned by Russian hackers until months after they were sanctioned by the Treasury. Two of the accounts, blacklisted in September 2020, belong to Artem Lifshits and Anton Andreyev, employees of the Russian hacking group that led the state’s interference in the 2016 US presidential election. The third was related to Yevgeniy Polyanin, whom the Treasury sanctioned in November for conducting a ransomware attack as part of the REvil cybercriminal group.
Center did not freeze these wallets until March 29. A spokesperson said the company conducted a review of sanctioned accounts and found that it “did not catch those addresses.” During that time, the wallets made no transactions.
“We are constantly reviewing what we are doing to ensure that we are at the forefront of compliance,” said a spokesperson for Center. “Through that review, we identified three addresses that were overlooked and acted immediately.”
The Treasury requires US companies to freeze sanctioned accounts as soon as they are blacklisted and to report the freeze within 10 days, said John Smith, a former director of the Treasury’s Office of Foreign Assets Control who is now a partner at Morrison & Foerster. He said the department can apply strict penalties even if the offender is unaware that it is out of compliance, but tends to focus on more egregious cases.
“They track entities or individuals who believe they have intentionally or recklessly violated sanctions,” Smith said.
A Treasury spokesperson did not respond to a request for comment.
Tornado Cash, approached through its founder, also did not respond. The mixer is how the people who stole $75 million from the Beanstalk project laundered their proceeds. That upset investor AJ Pikul, who says he lost about $150,000 in the hack. “Honestly, I’m not entirely happy with being able to launder money through cryptocurrencies,” he told The Post by email.
“I feel like we are in a digital arms race between the good and the bad,” he said.