The theft originated from a May 16, 2025, attack where a victim lost $3.2 million from multiple Solana addresses, according to ZachXBT. The hackers market-sold the assets and bridged funds to the Ethereum chain before depositing 800 ETH into Tornado Cash across two transactions: 400 ETH on June 25 and another 400 ETH on June 27.

Image shared by ZachXBT in his Telegram channel.

Approximately $1.25 million in DAI and Ethereum remains untouched at the address “0xa5f,” ZachXBT stated. The Solana theft address is identified as “C4WY1.”

The Lazarus Group, a state-sponsored hacking collective operated by North Korea, conducts large-scale cyberattacks to fund the regime’s weapons programs. It has stolen billions in cryptocurrency since 2018 through exchange hacks, ransomware, and phishing schemes, drawing sanctions from the U.S. Treasury.

Authorities and investigators like ZachXBT will likely monitor the unmoved $1.25 million as blockchain analysts trace the Lazarus Group’s cross-chain laundering tactics. With Tornado Cash’s role, however, the Ethereum-based tool obscures transaction trails and makes it more difficult.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。