TL;DR
- North Korea’s Lazarus Group is accused of stealing $23 million from UK-registered crypto exchange Lykke, leading to its permanent closure.
- More than 70 customers are pursuing compensation through UK courts, claiming combined losses of £5.7 million.
- Investigations by the UK Treasury and Israeli researchers indicate that Lazarus laundered the funds via multiple cryptocurrency platforms, highlighting ongoing risks for exchanges without robust security measures.
The UK-registered cryptocurrency platform Lykke has permanently ceased operations after a devastating $23 million hack attributed to North Korea’s Lazarus Group. The attack involved thefts on both Bitcoin and Ethereum networks, leaving retail investors scrambling to recover lost funds through liquidation proceedings. Founded in Switzerland in 2015, Lykke offered zero-fee cryptocurrency trading and had registered in the UK to expand its European operations. The platform had attracted thousands of users worldwide who relied on its fast trading system and simple interface.
The Office of Financial Sanctions Implementation (OFSI) confirmed the attack was carried out by “Korean malicious cyber actors,” linking it to the broader efforts of North Korea to fund strategic programs using stolen digital assets. Following the theft, Lykke halted trading and eventually filed for liquidation, with Swiss and UK authorities collaborating closely to oversee the winding-up process and evaluate remaining assets.
Legal Fallout And Customer Claims
Over 70 customers filed legal actions claiming losses of £5.7 million. The UK courts ordered the liquidation of Lykke, while Interpath Advisory was appointed to manage asset distribution. Lykke’s founder, Richard Olsen, declared bankruptcy in January 2025 and now faces criminal investigations in Switzerland. Despite promises to recover funds, the company never resumed operations, highlighting vulnerabilities even in platforms with established track records and demonstrating the challenges of securing digital assets on a global scale.
Attribution And Money Laundering Networks
Whitestream, an Israeli crypto research firm, confirmed Lazarus’ involvement, noting that the stolen funds were moved through multiple cryptocurrency companies known for obscuring transactions. By converting Ether into DAI stablecoins and transferring Bitcoins to numerous wallets, the attackers evaded typical anti-money laundering controls. Some cybersecurity experts remain cautious, emphasizing that attributing state-backed actors requires careful verification and continuous monitoring of crypto networks.
If confirmed, this would mark Lazarus Group’s largest heist targeting a UK-based exchange, adding to a global series of cyber thefts that reportedly net billions for North Korea. Analysts emphasize that such attacks underscore the importance of robust security and regulatory frameworks in crypto markets, even as digital assets continue to grow in adoption worldwide. Lykke’s closure illustrates both the potential gains and systemic risks present in the rapidly evolving cryptocurrency ecosystem.
