Lazarus Group from North Korea is connected to the $100M Harmony exploit

June 29, 2022

Lazarus Group from North Korea is connected to the $100M Harmony exploit

 

Lazarus Group from North Korea is connected to the $100M Harmony exploit

According to Elliptics, the recent Harmony Horizon Bridge exploit that resulted in the loss of $100 million was probably carried out by the notorious North Korean hacking outfit Lazarus. The blockchain analytics company stated in its research on the hack that the attack’s tactics are identical to those used for the Ronin Bridge issue from a few months back. The hacker took assets valued at $100 million in several cryptocurrencies like ETH, WBTC, USDT, and BNB. But they instantly used Uniswap to convert everything to ETH (UNI). This is a typical method of money laundering used by thieves, according to Elliptics.

Despite the fact that the crime took place on June 24, the hacker did not transfer the money until June 27. To make the money untraceable as of the time of publication, the hackers transferred about 41% of the assets, or about 39,000 ETH, through Tornado Cash. However, Elliptics asserted that it tracked the stolen money as it moved through Tornado currency to other wallets using transaction screening software. The blockchain analytics company claims that its examination of the hack and money laundering reveals that it is compatible with how the Lazarus organisation does its business. Although there is no concrete proof to support it, there is indirect evidence that it is true. With over $2 billion in profits, Lazarus Group is one of the most lucrative crypto hacking organisations in the world.

Additionally, the hacker used techniques similar to those employed by the Lazarus Group to carry out the theft by compromising the keys of a multi-sig wallet. Most studies indicate that crypto theft in North Korea is state-sponsored, in contrast to other nations where crypto crimes are primarily carried out in secret. According to a UN assessment from earlier this year, North Korea uses stolen cryptocurrency to support its ballistics and weapons programmes.

Read more: Terra employees are not allowed to leave South Korea, according to prosecutors

Exclusively hand curated news, written precisely in short by our editors for a 60 seconds read! We understand that reading multiple news from various resources could be monotonous, time consuming and less interesting. At Dcryptonews, you will experience a new style of reading news with smart keyword, ease of language that is easy to read for a quick news grasp.