The notorious North Korea-based Lazarus Group has moved millions of dollars' worth of Ethereum stolen from the Harmony hack over the weekend.
Harmony was attacked on the 22nd of June, 2022, with around $100 million stolen.
Huge Amount Of Stolen Funds On The Move
The Lazarus Group hacking collective has been busy moving millions of dollars' worth of stolen ETH, capping a busy weekend for the notorious North Korean-backed group. Blockchain and crypto investigator ZachXBT posted details about the movement of the funds on Twitter, with the stolen assets originating from Tornado Cash and then going through Railgun, a smart contract privacy platform that uses zero-knowledge proofs to obfuscate transactions.
According to ZachXBT’s post, Lazarus Group moved around 41,000 ETH, worth around $63.5 million, through Railgun, before depositing them on different exchanges. ZachXBT traced the movements of the transactions across over 350 separate addresses.
“North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges.”
The crypto analyst did not identify which exchanges were used to deposit the stolen funds but stated that the deposited funds were quickly withdrawn from them.
The Harmony Attack
The Lazarus Group has become quite well-versed in moving stolen crypto across platforms and preventing the authorities from tracking their movements. The group was linked with the Harmony Bridge attack, which took place in June 2022. A detailed report of the hack was published by Elliptic. The bridge was hacked for a staggering $100 million, and Elliptic used something called “Tornado demixing capabilities,” allowing it to trace the stolen funds from Tornado to other wallets.
The hackers were able to siphon off various assets from the bridge through eleven transactions, which were then sent to a wallet and swapped for ETH on Uniswap. The hack saw $100 million worth of assets stolen, including Frax (FRAX), Wrapped Ether (wETH), Aave (AAVE), SushiSwap (SUSHI), Frax Share (FXS), AAG (AAG), Binance USD (BUSD), Dai (DAI), Tether (USDT), Wrapped BTC (wBTC), and USD Coin (USDC).
The Harmony team stated that they are trying to recover the stolen funds, adding that they would not be pressing any criminal charges if the funds were returned, and offered a $1 million bounty. They also appealed to the hackers to share how the hack happened. So far, the team thinks hackers were able to access the funds through compromised private keys.
“We commit to a $1M bounty for the return of Horizon bridge funds, and sharing exploit information…Harmony will advocate for no criminal charges when funds are returned.”
A Growing Number Of Heists
The North Korean-backed Lazarus Group has become known for several high-profile heists and has stolen over $2 billion through these heists. The group switched its focus to decentralized finance (DeFi) and cross-chain bridges and is also suspected of being behind the $600 million Ronin hack. The group also went after Japan-based crypto exchanges in October 2022, targeting them with a wave of phishing attacks.