The UK Treasury’s sanctions office has formally accused North Korea’s Lazarus Group of orchestrating Lykke’s $23 million crypto theft, though some experts still question the attribution.
The UK Treasury’s Office of Financial Sanctions Implementation (OFSI) has accused North Korea’s Lazarus Group of conducting the 2023 cyberheist against Lykke, a UK-registered crypto exchange, that stole 158 BTC and 2,161 ETH valued at nearly $23 million. The stolen Ether was swapped for the stablecoin DAI, while Bitcoins were dispersed across multiple wallets. Lykke, founded in 2015 in Switzerland, was ordered into liquidation in March after a legal campaign by affected users. Whitestream, an Israeli blockchain analytics firm, also linked Lazarus to the attack, which could mark the largest North Korean crypto theft targeting the UK. However, some researchers dispute the attribution. Lazarus has been tied to other major 2024 hacks, including the $1.5 billion ByBit fraud and a $44 million CoinDCX breach.