A fresh study implies that a known hacking organisation with ties to North Korea may have been responsible for last week’s $100 million Harmony attack.
The Lazarus Group, a well-known North Korean hacker ring, has been identified as the prime suspect in the recent attack on the Harmony protocol in which $100 million were stolen.
According to a report published today by blockchain analysis firm Elliptic, the hacking of Harmony’s Horizon Bridge and subsequent laundering of stolen digital assets bear remarkable similarities to prior Lazarus Group breaches.
Based on the nature of the breach and the subsequent laundering of the stolen monies, there are strong evidence that North Korea’s Lazarus Group is likely responsible for this heist.
The Lazarus Group targeted the login credentials of Harmony personnel in the Asia-Pacific area in order to compromise the protocol’s security system, as described by Elliptic. After obtaining control of the protocol, the cybercriminals implemented automated systems to launder the stolen funds overnight.
Over forty percent of the $100 million has already been transferred to Tornado Mixer, an Ethereum-based “mixing service” that obscures transaction data and makes it extremely difficult for investigators to track the movement of assets, according to Elliptic.
Initially, the Harmony team promised a $1 million reward to hackers who returned the stolen assets. However, on June 29, Harmony increased the reward to $10 million, claiming that a full return of the assets would end the inquiry and result in no further criminal proceedings.
April’s 600 million dollar Ronin bridge breach has also been traced back to The Lazarus Group. Due to current market conditions, the stolen Ether (ETH) is now worth $230 million, a drop of more than 60 percent.
North Korea has employed 7,000 full-time hackers to raise revenue through cyberattacks, ransomware, and crypto protocol intrusions, according to a new report from Coinclub.com. North Korea leads the globe in cryptocurrency-related cybercrime, with over 15 instances of cyber theft totaling over $1.59 billion.
Harmony’s Horizon Bridge is the most recent addition to a growing list of token bridges that have been targeted, joining Meter, Wormhole, and Ronin, and increasing the total amount of bridge token stolen in 2022 to approximately $1 billion.
Poly Network was the largest token bridge to be compromised in 2021, losing $610 million that was almost totally recovered.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.