Lykke Exchange Shuts Down After $23M Lazarus Group Hack

• Back in June last year, Lykke suffered a theft of 158 BTC and 2,161 ETH, causing the exchange to shut down
• Recent investigations by UK authorities, including the Treasury‘s sanctions office, attributed the Lykke hack to North Korea’s infamous Lazarus Group
• Analysts estimate that the group had siphoned off over $1.6 billion in crypto this year alone

In June 2024, Lykke, a no-fee crypto exchange registered in the UK and headquartered in Switzerland, suffered a major breach. The result was the theft of 158 BTC and 2,161 ETH, totaling approximately $23 million. Both Lykke UK and Lykke Corp AG were affected, prompting immediate suspension of trading and withdrawals.

In the recent report by the Office of Financial Sanctions Implementation, the hack was attributed to North Korea‘s infamous Lazarus Group and other DPRK (Democratic People’s Republic of Korea) cyberactors.

The Lazarus Group is a state-linked cybercrime collective responsible for numerous global crypto heists. It is also the perpetrator of the largest crypto exchange theft to date, when it stole $1.5 billion from Bybit in February this year.

The Lykke event is now considered potentially the largest North Korea–linked crypto theft involving a British company.

Unfortunately, the hack shows once again that cyberattacks are a continuing problem for the crypto world. Its a clear warning that crypto companies need to get much better at protecting themselves and their customers.

The many hacks of the Lazarus Group

North Korea‘s hackers have many victims on their sheet as the group has stolen billions so far. Some of the recent attacks include Taiwan’s BitoPro exchange, which took place in May, leading to $11.5 million lost in customer assets through a social engineering attack.

Also in the same month, the group drained $3.2 million from Solana wallets. Assets were quickly bridged to Ethereum and partially laundered via Tornado Cash.

Additionally, security experts from Cyvers believe the Lazarus Group was also responsible for the July 19 attack on the CoinDCX exchange in India, which resulted in a loss of $44 million.

In the last few months, Lazarus conducted targeted thefts of $5.2 million from individual crypto traders as well, laundering proceeds via bridges and mixers.

Analysts estimate that the group has siphoned off over $1.6 billion in crypto this year alone. It remains a persistent and evolving threat, so crypto exchanges and their customers need to quickly improve their security and be vigilant to stay safe.