A fresh wave of crypto theft has hit Japan, with investigators tying the loss of $21 million to tactics long associated with North Korean cybercrime groups.
Blockchain analyst ZachXBT reported that on September 24, attackers managed to drain wallets connected to SBI Crypto, a subsidiary of Japan’s financial giant SBI Group. The stolen funds, spread across Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash, were swiftly routed through Tornado Cash – the controversial mixing service frequently used to launder hacked crypto.
The method of the exploit, according to ZachXBT and security partner Cyvers, mirrors previous Lazarus Group operations. The North Korean state-sponsored collective has been linked to billions in stolen digital assets over the past several years.
SBI Group has not issued an official statement, leaving unanswered questions about how the attackers infiltrated its systems and what recovery measures are being taken.
This incident follows a string of high-profile breaches. Earlier in 2025, intelligence firm Arkham connected Lazarus to a staggering $1.5 billion attack on Bybit, while ZachXBT previously traced more than $80 million in losses to an exploit at Iran’s Nobitex exchange.
Tornado Cash, the platform used to obfuscate the stolen tokens, has been under U.S. sanctions since 2022. Its co-founder Roman Storm now faces federal charges of conspiracy and money laundering, yet the protocol continues to play a central role in the global laundering of stolen funds.
With this latest case, Japan joins a growing list of markets forced to reckon with the scale of organized, state-backed crypto crime – and the ongoing difficulty of tracking stolen assets once they enter the Tornado Cash pipeline.
Source
The information provided in this article is for educational purposes only and does not constitute financial, investment, or trading advice. Coindoo.com does not endorse or recommend any specific investment strategy or cryptocurrency. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.
Reporter at Coindoo
Source: https://coindoo.com/north-korean-hackers-suspected-in-21m-crypto-heist-from-sbi/