研究人員稱，北韓駭客與原子錢包洩漏有關

加密貨幣專家認為，北韓國家支持的駭客最近策劃了對 Atomic Wallet 用戶的攻擊，造成估計數百萬美元的重大損失。據報道，非託管去中心化錢包 Atomic Wallet 遭遇了一次洩露，影響了不到 1% 的用戶，導致約 3500 萬美元的加密資產被盜。區塊鏈分析公司 Elliptic 將攻擊歸咎於 Lazarus 集團，該集團因透過 Sinbad 洗錢被盜的加密資產而聞名，Sinbad 是一個此前與該集團活動有關的加密貨幣混合器。

North Korean Hackers Implicated in Atomic Wallet Breach

北韓駭客涉嫌原子錢包洩露

Tallinn, Estonia - Cybersecurity researchers have attributed the recent hack on Atomic Wallet, a decentralized cryptocurrency wallet service, to North Korean state-sponsored hackers known as the Lazarus Group.

愛沙尼亞塔林 - 網路安全研究人員將最近對去中心化加密貨幣錢包服務 Atomic Wallet 的駭客攻擊歸咎於北韓國家支持的名為 Lazarus Group 的駭客。

Atomic Wallet, which supports over 500 cryptocurrencies and claims over five million users globally, confirmed on June 3 that it had received reports of compromised wallets and launched an investigation. While the company has not disclosed the number of affected users or the value of stolen assets, independent blockchain analysis firm Elliptic has estimated the losses at approximately $35 million.

Atomic Wallet 支援 500 多種加密貨幣，聲稱在全球擁有超過 500 萬用戶，該錢包於 6 月 3 日證實，已收到有關錢包受損的報告並啟動了調查。雖然該公司尚未透露受影響的用戶數量或被盜資產的價值，但獨立區塊鏈分析公司 Elliptic 估計損失約 3,500 萬美元。

Elliptic's analysis, which was conducted with "a high level of confidence," suggests that the Lazarus Group is responsible for the hack based on the laundering patterns used to conceal the stolen crypto assets. These patterns, according to Elliptic, closely resemble those employed in previous hacks attributed to the group, including the $625 million Ronin Network hack in 2022.

Elliptic 的分析是「高度自信」地進行的，分析表明，基於用於隱藏被盜加密資產的洗錢模式，Lazarus 集團應對這次駭客攻擊負責。 Elliptic 表示，這些模式與該組織先前遭受的駭客攻擊非常相似，其中包括 2022 年價值 6.25 億美元的 Ronin Network 駭客攻擊。

Further investigation revealed that the hackers are laundering the stolen funds through Sinbad, a cryptocurrency mixer that enables users to conceal the origin of their funds. Elliptic believes Sinbad is a rebrand of Blender.io, a mixer previously sanctioned by the U.S. Treasury for facilitating North Korean money laundering activities.

進一步調查顯示，駭客正在透過 Sinbad 洗錢，這是一種加密貨幣混合器，使用戶能夠隱藏資金來源。 Elliptic 認為 Sinbad 是 Blender.io 的重塑品牌，Blender.io 是一家混合公司，此前曾因便利朝鮮洗錢活動而受到美國財政部的製裁。

In May 2022, the U.S. Treasury identified Blender.io as a tool used by North Korea to "support its malicious cyber activities." The Lazarus Group was specifically implicated in laundering over $20 million of the stolen funds from the Ronin Network hack through Blender.io.

2022 年 5 月，美國財政部將 Blender.io 認定為北韓用來「支持其惡意網路活動」的工具。 Lazarus Group 涉嫌透過 Blender.io 對 Ronin Network 駭客攻擊中被盜資金進行了超過 2000 萬美元的洗錢活動。

Independent blockchain researcher @ZachXBT also noted similarities between the laundering patterns in the Atomic Wallet hack and previous hacks linked to the Lazarus Group, including the Harmony Horizon Bridge hack in which $100 million in cryptocurrency was stolen.

獨立區塊鏈研究員@ZachXBT 也指出，Atomic Wallet 駭客攻擊中的洗錢模式與先前與Lazarus Group 有關的駭客攻擊之間存在相似之處，其中包括Harmony Horizo​​n Bridge 駭客攻擊，其中1 億美元的加密貨幣被盜。

The exact methods used to compromise Atomic Wallet's systems remain unknown, and it is unclear whether affected users will be compensated. However, Atomic Wallet has stated that it is committed to assisting victims and has engaged third-party assistance to trace stolen funds and collaborate with exchanges and authorities.

用於破壞 Atomic Wallet 系統的確切方法仍然未知，也不清楚受影響的用戶是否會得到補償。不過，Atomic Wallet 表示，它致力於協助受害者，並已聘請第三方協助追蹤被盜資金，並與交易所和當局合作。

In a related development, U.S. officials recently imposed new sanctions on North Korea, targeting its illicit IT workforce, which the country has used to fraudulently gain employment and finance weapons of mass destruction programs. North Korean hackers have been actively targeting blockchain companies and developing malicious crypto-stealing apps as part of these efforts.

與此相關的事態發展是，美國官員最近對北韓實施了新的製裁，目標是其非法 IT 勞動力，該國利用這些勞動力以欺詐手段獲得就業機會並為大規模殺傷性武器計劃提供資金。作為這些努力的一部分，北韓駭客一直積極瞄準區塊鏈公司並開發惡意加密貨幣竊取應用程式。