North Korea Uses Tornado Cash to Clean $147.5M from Crypto Heist
Key Insights:
- North Korea used Tornado Cash to launder $147.5M from a 2023 cyber heist, bypassing global sanctions through sophisticated crypto operations.
- UN monitors have identified 97 North Korean cyberattacks on crypto firms since 2017, totaling approximately $3.6 billion in theft.
- Despite UN sanctions, North Korea continues illicit activities, supporting its economy through cyber theft and complex international evasion tactics.
According to a United Nations report viewed by Reuters, North Korea was involved in laundering $147.5 million in stolen cryptocurrency through the Tornado Cash platform in March. This illicit activity stemmed from a major cyber theft in 2023 from HTX, a cryptocurrency exchange. The UN sanctions monitors submitted these findings to the U.N. Security Council’s sanctions committee, indicating a broader pattern of cyberattacks orchestrated by North Korea.
The document, part of a broader analysis conducted by the UN, revealed that since 2017, North Korea has been implicated in 97 cyberattacks on cryptocurrency firms, with an estimated total value of $3.6 billion. These findings come after an intensive period of investigation covering incidents up until the current year.
Details of the Crypto Theft and Laundering
The stolen funds from the HTX exchange were specifically moved through Tornado Cash in March 2023. Tornado Cash, known for its ability to mix and obscure the origins of cryptocurrency, thus allowing for anonymity of transactions, was used by the perpetrators to launder the sizable amount of stolen cryptocurrency.
Moreover, the blockchain forensics firm Elliptic and crypto analytics firm PeckShield provided evidence that linked the laundering process to North Korea’s activities.
Further insights from the report suggest that in 2024 alone, there have been 11 instances of cryptocurrency thefts amounting to $54.7 million. These thefts are suspected to have involved North Korean IT workers, who may have been inadvertently employed by small crypto-related companies. This aspect underscores the sophisticated nature of North Korean operations, which often involve blending in through legitimate employment in the tech sector abroad.
International Response and Implications
The revelation of these activities has led to increased international scrutiny. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) previously sanctioned Tornado Cash in August 2022. Following the sanctions, legal actions have continued against individuals associated with the platform, including the recent conviction of Alexey Pertsev by a Dutch court for his involvement in money laundering activities linked to Tornado Cash.
The disbanding of the U.N. sanctions monitors in April, after Russia vetoed the annual renewal of their mandate, has created a gap in ongoing international oversight. However, the unpublished work submitted to the committee offers critical insights into the mechanisms employed by North Korea to circumvent global sanctions and support its nuclear and ballistic missile programs.
Broader Geopolitical Context
North Korea’s cyber operations extend beyond financial thefts and are part of a more extensive strategy to support its sanctioned economy. The U.N. Security Council has imposed strict bans on North Korean exports like coal, iron, and textiles and capped imports of crude oil and petroleum products.
However, North Korea continues to find new methods to breach these sanctions, including suspected maritime activities involving the transfer of coal and other banned goods.
Moreover, the U.N. report touches on the geopolitical tensions involving arms trade between North Korea and Russia, highlighting ongoing maritime shipments and financial maneuvers within international banking networks that facilitate North Korea’s access to global markets despite sanctions.
This report reflects ongoing challenges in managing cybercrime and international sanctions evasion, with North Korea at the center of a complex matrix of geopolitical and economic issues. As the international community continues to respond, the effectiveness of sanctions and the ability to curb North Korea’s cyber-enabled financial strategies remain critical areas of concern.
Editorial credit: rafapress / Shutterstock.com
Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.