Illicit funds obtained in the $35 million Atomic Wallet hack have been detected moving to crypto mixer Sinbad.io that is popular among North Korea’s infamous cyber-hacking group.
Elliptic, a blockchain compliance analytics firm, announced on June 5th that its Investigations Team has traced the money from the Atomic Wallet hack to Sinbad.io. It is claimed that Sinbad.io was used previously to launder North Korea Lazarus Group’s over $100 million stolen crypto assets.
However, Elliptic did not reveal the exact amount of funds that were transferred to the mixer. They added that the loot was being converted into Bitcoin (BTC) before being obscured through the mixer.
Analysis of the ongoing Atomic Wallet hack, from our new Investigations Team account @Elliptic_Inv https://t.co/gbm3dX34JB
— Elliptic (@elliptic) June 5, 2023
Elliptic also said that Sinbad.io is likely a renamed version of Blender.io, “another mixer heavily used to launder Lazarus Group funds,” and the first mixer to be sanctioned by the U.S. Treasury Department.
Several Atomic Wallet user accounts were compromised on June 3, leading to losses of up to $35 million. Nevertheless, the company minimized the incident, stating that it affected less than 1% of its monthly active users.
Atomic Wallet’s Chief Marketing Officer, Roland Säde, told Cointelegraph that the team is “doing everything they can to get those funds back” and added that “the investigation must be completed to create a concrete plan.”
“Of course, the team is devastated as we have been very proud about our security. We are working around the clock to get it all resolved and come out of this crisis stronger than before.”
Related: Atomic Wallet exploited, users report loss of entire portfolios
He suggested that victims track the illicit transfers and report them to major crypto exchanges, which “could prevent the scammers from exchanging their funds.”
“Of course, we are also reporting them directly, but the more eyes on hackers, the harder it is for them to move them,” he said.
However, for many, it may already be too late, given Elliptic’s most recent findings.
Magazine: Should crypto projects ever negotiate with hackers? Probably