North Korean Cybercriminals Responsible for $100 Million Harmony Hack: Details

According to the analysis, the Lazarus Group, which is backed by Pyongyang and was responsible for the separate $622 million hack of Axie Infinity, is responsible for the theft. After hackers stole $100 million in cryptocurrencies from Harmony Protocol on Friday, the layer 1 blockchain team said it will provide a $1 million reward to anyone with information about the attacker.

The Lazarus Group, a prominent cybercriminal group with ties to North Korea, was involved in the way the money was taken and then laundered, according to a report published today by blockchain analytics company Elliptic.

Lazarus, a “state-sponsored hacking group” according to the FBI, was found by the U.S. government in April to be responsible for the $622 million hack of a cross-chain bridge used by the play-to-earn game Axie Infinity. Cross-chain bridges connect blockchains and are frequently used to link sidechains (like Axie’s Ethereum sidechain Ronin), which can provide speed and lower transaction fees before passing work back to more secure blockchains like the Ethereum mainnet.

Harmony’s attack also happened on a cross-chain bridge: the Horizon Bridge, which runs between Bitcoin, Ethereum, and the Binance Chain. The similarity between the two cross-chain bridge attacks is one sign that Lazarus is probably involved, according to Elliptic’s study. The hacker’s use of social engineering to carry out the attack is reminiscent of other Lazarus hacks. The Harmony attack also resembles the Axie Infinity hack in that the pattern in which the stolen money was laundered suggests automated transfers.

The report claims, “Although no single factor proves the involvement of Lazarus, in combination, they suggest the group’s involvement.”

Other such factors include the fact that several members of the Harmony team have ties to the Asia-Pacific region and that Lazarus frequently targets people in Asia, possibly because of the languages used.

Additionally, the only times the hackers have stopped transferring the laundered money coincide with nighttime in the Asia-Pacific region.

The funds moved to date have been laundered through the mixing service Tornado Cash, which enables users to pool large sums of cryptocurrencies and exchange them for other coins in a way that obscures transaction histories.

In this case, Elliptic was able to “demix” the Tornado Cash transaction traces left by the Harmony hackers and locate the stolen money in several fresh Ethereum wallets. While exchanges and companies might use this information to make sure they don’t take any of the stolen money, Harmony has no way to get their money back.
