BSV
$70
Vol 41.31m
1.99%
BTC
$93114
Vol 81821.61m
2.02%
BCH
$450.05
Vol 611.89m
1.39%
LTC
$87.19
Vol 1033.95m
-1.88%
DOGE
$0.4
Vol 13107.38m
8.02%
Getting your Trinity Audio player ready...

Horizon Bridge, a cross-chain bridge linking the Harmony blockchain to other blockchains, lost $100 million to hackers on June 24. Digital currency security firm Elliptic has stated that there are strong indications the hack is the work of the North Korean hackers—the Lazarus Group.

According to a report Elliptic published, the methods used by the hackers in carrying out the hack and laundering the funds are reminiscent of other incidents that have been linked to the Pyongyang-sponsored group.

For one, the hack occurred on a cross-chain bridge and was perpetuated by compromising the cryptographic keys of a multi-signature wallet through a social engineering attack on members of the Harmony team.

The Lazarus Group is known to focus its attacks on blockchain projects in the Asia Pacific (APAC) region “perhaps for language reasons.” Elliptic says that while Harmony is U.S. based, many of its team members have links to the APAC region.

Similarly, the method adopted by the hackers to launder the stolen funds through Tornado Cash, a mixing tool, also points to the group. Deposits of the funds in Tornado cash have followed a regular pattern that indicates it is being carried out by an automated tool. The tool also tends to pause during nighttime hours in the APAC region.

“Although no single factor proves the involvement of Lazarus, in combination they suggest the group’s involvement,” Elliptic said.

Elliptic has traced the trail of the hacker’s Tornado Cash deposits using its Tornado demixing capability. So far, about $39 million (35,000 ETH) has been laundered by the hackers it found. However, Harmony is still not close to recovering its funds.

The growing notoriety of North Korean hackers

The North Korean Lazarus Group has also been found to be behind the industry-shaking $620 million Axie Infinity Ronin Bridge hack that occurred in March, according to the U.S. Treasury Department. Elliptic notes that the group may have earned as much as $2 billion from hacks over the years.

The group is not the only North Korean state-sponsored perpetrator of cyber crimes. According to a report by Reuters, several hacking consortiums are being sponsored by the rogue government, which uses the proceeds to fund its nuclear program.

In a recent notice, three U.S. Department—the departments of Justice, State, and the Treasury—warned tech and digital assets companies to be watchful as North Korean hackers were targeting them to apply for IT roles.

Watch: The BSV Global Blockchain Convention panel, Law & Order: Regulatory Compliance for Blockchain & Digital Assets

https://youtu.be/RzSCrXf1Ywc?t=1013

Recommended for you

New Yorker faces 5 years sentence following $10B Bitfinex theft
Ilya Lichtenstein faced 20 years for stealing 120,000 BTC from Bitfinex, but prosecutors said he cooperated, had no priors, and...
November 19, 2024
Lutnick now a Treasury longshot; SEC’s Gensler resigned to resigning
Gary Gensler gave a speech in which he hinted that his time at the SEC was coming to a close;...
November 19, 2024
Advertisement
Advertisement
Advertisement