The UK Treasury has formally attributed a £17 million ($22.8 million) cryptocurrency theft to North Korea's Lazarus Group, leading to the collapse of UK-registered trading platform Lykke. The 2024 cyberattack targeted Bitcoin (BTC), Ethereum (ETH), and other digital assets, with the Office of Financial Sanctions Implementation (OFSI) identifying "malicious Democratic People’s Republic of Korea cyber actors" as perpetrators.
Israeli blockchain firm Whitestream corroborated the findings, tracing laundered funds through two cryptocurrency platforms with weak anti-money laundering compliance. The heist forced Lykke to suspend operations by December 2024, culminating in a March 2025 UK court liquidation order after over 70 customers filed a £5.7 million damages claim. Founder Richard Olsen, declared bankrupt in January 2025, faces Swiss criminal investigations related to the exchange's failure.
The incident underscores vulnerabilities in smaller exchanges and Lazarus Group's expanding crypto-targeted operations, which historically funded North Korea's weapons programs. UK regulators now face pressure to strengthen oversight amid concerns over state-sponsored cybercrime exploiting blockchain anonymity to evade sanctions.