On August 18, the Lazarus Group was identified as the potential mastermind behind the theft of funds from Lykke, a cryptocurrency exchange platform registered in the UK. If confirmed, this would be the largest cryptocurrency theft carried out by North Korea in the UK to date. In recent years, this isolated country has obtained billions of dollars by stealing cryptocurrencies to support its military and nuclear projects.
Lykke was founded in 2015, with headquarters in Switzerland but registered in the UK. The company stated last year that its losses in Bitcoin, Ethereum, and other cryptocurrencies totaled $22.8 million (approximately £16.8 million), forcing it to suspend operations. In March this year, the UK court ordered the liquidation of the company, driven by lawsuits from over 70 victim users.
The Office of Financial Sanctions Implementation (OFSI) under the UK Treasury listed North Korea as a potential attacker in its latest report. The report stated: "This attack has been attributed to North Korean malicious hackers who stole funds on the Bitcoin and Ethereum networks." The Treasury said that OFSI did not disclose its sources but maintained close cooperation with law enforcement agencies.
The Israeli cryptocurrency research company Whitestream had also independently attributed the attack to the Lazarus Group. The company claimed that the attackers laundered the stolen funds through two other cryptocurrency companies notorious for "helping users hide their tracks," thereby evading anti-money laundering regulations. However, other researchers have questioned this conclusion, stating that it is not yet possible to definitively determine who attacked the exchange platform.
