A U.S. district court has ruled that OFAC cannot reimpose sanctions on Tornado Cash, a crypto mixing service previously accused of laundering funds for North Korea’s Lazarus Group. Judge Robert Pitman issued a permanent injunction, citing OFAC’s lack of guarantee against future sanctions. The decision follows a Fifth Circuit Court reversal of OFAC’s 2022 sanctions, which targeted Tornado Cash’s smart contracts rather than specific entities. Despite OFAC’s removal of Tornado Cash from its sanctions list in March 2024, the court deemed the issue unresolved, prompting the injunction. Meanwhile, criminal cases against Tornado Cash developers Roman Storm and Roman Semenov continue, with the DeFi Education Fund advocating for reconsideration of charges to protect open-source development.
about US Court Permanently Blocks OFAC's Tornado Cash SanctionsLazarus
0 in Finance and 0 in Crypto last weekNorth Korean Hackers Use Fake US Firms to Target Crypto Devs
North Korean state-sponsored hacking group Lazarus has established sham US companies—Blocknovas LLC and Softglide LLC—using fake identities to post fraudulent crypto job listings. The scheme aims to infect applicants’ devices with malware to compromise cryptocurrency wallets and credentials, according to cybersecurity firm Silent Push. The FBI has seized Blocknovas’ domain, labeling it part of a law enforcement action against North Korean cyber actors. The Bureau warns affected individuals to secure their devices and identities, highlighting the group as a top-tier threat to US cybersecurity.
about North Korean Hackers Use Fake US Firms to Target Crypto DevsNorth Korean Hackers Use Fake Crypto Firms for Malware Scams
A report by Silent Push exposes Lazarus, a North Korean hacking group, for setting up fraudulent crypto consulting firms—BlockNovas LLC, Angeloper Agency, and SoftGlide LLC—to distribute malware via fake job interviews. The attackers use AI-generated employee photos and malware disguised as interview tools, including strains like BeaverTail and InvisibleFerret, to gain remote access to victims’ devices. The scheme involves social engineering tactics, such as fake error messages prompting users to execute malware-laden commands. This sophisticated operation highlights the growing threat of cybercrime in the crypto space, combining malware, deception, and AI-generated identities to evade detection.
about North Korean Hackers Use Fake Crypto Firms for Malware ScamsBybit CEO Launches Bounty to Combat Lazarus After Major Hack
Bybit’s CEO, Ben Zhou, has declared a “war against Lazarus” following a $1.4 billion hack attributed to the North Korean group. He announced a bounty program offering up to 10% rewards for tracing stolen funds, while the exchange claims to have restored client assets to 100%. This incident marks the largest hack in crypto history, with North Korean hackers reportedly stealing over $3 billion from exchanges since 2017.
about Bybit CEO Launches Bounty to Combat Lazarus After Major HackDeveloper Steals 50 Million in Crypto from Infini Amid Security Concerns
Infini has suffered a $50 million theft of USDC, allegedly orchestrated by a rogue developer who retained secret admin access after project completion. Despite the breach, Infini’s founder promised full compensation and did not pause withdrawals, while the responsible engineer has been reported to the police. This incident follows a record-breaking $1.4 billion hack at Bybit, raising concerns about crypto security amid a spate of attacks on various firms.
about Developer Steals 50 Million in Crypto from Infini Amid Security ConcernsMike Novogratz Opposes Ethereum Fork After Bybit Theft by Lazarus Group
Mike Novogratz, CEO of Galaxy Digital, has urged global authorities to take stronger action against the North Korean hacking group Lazarus, responsible for a $1.4 billion Ethereum theft from Bybit. While praising Bybit’s response, he opposed suggestions to roll back the Ethereum network, arguing that it would set a dangerous precedent and that the industry is now mature enough to handle such threats without drastic measures.
about Mike Novogratz Opposes Ethereum Fork After Bybit Theft by Lazarus GroupBybit Hack Highlights Security Flaws in Ethereum’s Virtual Machine System
Bybit suffered a staggering $1.4 billion loss in Ethereum due to a security breach, with Adam Back attributing the hack to the complexities of Ethereum’s Virtual Machine (EVM). He criticized the EVM’s intricate transaction structure, which he claims makes it easier for hackers to exploit vulnerabilities, particularly through blind signing.The attack, suspected to be orchestrated by the North Korean hacking group Lazarus, has reignited debates over the security of Ethereum compared to Bitcoin, with advocates emphasizing the latter’s simpler and more secure transaction model. In response, Bybit has implemented additional security measures to address the liquidity gap caused by the breach.
about Bybit Hack Highlights Security Flaws in Ethereum's Virtual Machine SystemEthereum Price Faces Uncertainty After Bybit Hack Fallout
Ethereum (ETH) has experienced a 35% decline since December 2024, exacerbated by a significant hack at Bybit, resulting in a bearish market sentiment. Despite a recent recovery attempt, technical indicators suggest a potential breakdown below the critical $2,500 support level, with further declines possible. The price action remains uncertain, as ETH trades within a short-term parallel channel, indicating a risk of additional sell-offs.
about Ethereum Price Faces Uncertainty After Bybit Hack FalloutBybit Hack Highlights Vulnerabilities in Ethereum Virtual Machine Security
Ethereum faced a significant setback as Bybit lost $1.4 billion in ETH due to a hack attributed to the North Korean group Lazarus. Adam Back criticized the Ethereum Virtual Machine’s complexity, claiming it enabled the hackers to exploit a blind signing mechanism during a transaction attempt from a cold wallet to a hot wallet. Despite calls for a rollback to recover the funds, the Ethereum team maintained that the transaction was legitimate within the protocol’s framework.
about Bybit Hack Highlights Vulnerabilities in Ethereum Virtual Machine SecurityAdam Back Criticizes Ethereum EVM After Bybit’s 1.4 Billion Dollar Hack
Adam Back, CEO of Blockstream, criticized the Ethereum Virtual Machine (EVM) as a key factor in the recent $1.4 billion hack of Bybit, attributing the breach to the EVM’s complexity. He noted that hardware wallets struggle with Ethereum’s intricate transactions, which allowed hackers to exploit a blind signing mechanism during a transfer attempt. The incident, linked to the North Korean hacking group Lazarus, has reignited discussions about Ethereum’s security and the legitimacy of the transaction that drained the wallet.
about Adam Back Criticizes Ethereum EVM After Bybit's 1.4 Billion Dollar HackPumpFun Delists Tokens Linked to Bybit Hacker’s Laundering Scheme
PumpFun has removed tokens linked to the Bybit hacker after uncovering their use in laundering stolen funds through rapid memecoin trading. The hacker, associated with the Lazarus group, launched the memecoin ‘QinShihuang,’ generating $26 million in trades within three hours. This incident highlights ongoing challenges in the crypto space regarding illicit activities and regulatory pressures.
about PumpFun Delists Tokens Linked to Bybit Hacker's Laundering SchemeTornado Cash Developer Released from Prison Amid Ongoing Legal Battles
Tornado Cash developer Alexey Pertsev was released from prison custody on February 7, 2025, and will remain under house arrest while preparing his legal appeal. He was found guilty of money laundering in May 2024, despite having no control over the funds processed by the Tornado Cash protocol. The case has raised concerns among privacy advocates and has implications for the regulation of privacy-preserving technologies.
about Tornado Cash Developer Released from Prison Amid Ongoing Legal Battles