"Elliptic analysis of the thief’s transactions leads us to attribute this hack to North Korea’s Lazarus Group, with a high level of confidence. This attribution is based on multiple factors, including:
The laundering of the stolen cryptoassets follows a series of steps that exactly match those employed to launder the proceeds of past hacks perpetrated by Lazarus Group.
The stolen assets are being laundered using specific services, including the Sinbad mixer, which have also been used to launder the proceeds of past hacks perpetrated by the Lazarus Group.
It's possible that the stolen cryptoassets have been co-mingled in wallets that hold the proceeds of past hacks perpetrated by Lazarus Group."
"This would mark the first major crypto theft publicly attributed to Lazarus Group since the $100 million exploit of Horizon Bridge in June 2022."
The latest update by Atomic Wallet notes that 'leading crypto incident investigator' from other surveillance firm Chainalysis is also on the case, trying "to trace stolen funds and liaise with exchanges and authorities."
It's worth noting that chain surveillance firms make use of probabilistic tools that cannot guarantee 100% accuracy of the results.