Lazarus Group from North Korea is connected to the $100M Harmony exploit
According to Elliptic, the recent Harmony Horizon Bridge exploit that resulted in the loss of $100 million was probably carried out by the notorious North Korean hacking outfit Lazarus. The blockchain analytics company stated in its research on the hack that the attack's tactics are identical to those used in the Ronin Bridge incident from a few months back. The hacker took assets valued at $100 million in several cryptocurrencies, including ETH, WBTC, USDT, and BNB, but instantly used Uniswap (UNI) to convert everything to ETH. This is a typical method of money laundering used by thieves, according to Elliptic.
Although the theft took place on June 24, the hacker did not transfer the money until June 27. As of the time of publication, the hackers had transferred about 41% of the assets, or about 39,000 ETH, through Tornado Cash to make the money untraceable. However, Elliptic asserted that it tracked the stolen money as it moved through Tornado Cash to other wallets using transaction screening software. The blockchain analytics company claims that its examination of the hack and the subsequent money laundering shows both to be consistent with how the Lazarus Group operates. There is no concrete proof to support this, but there is indirect evidence for it. With over $2 billion in profits, Lazarus Group is one of the most lucrative crypto hacking organisations in the world.
Additionally, the hacker carried out the theft by compromising the keys of a multi-sig wallet, a technique similar to those employed by the Lazarus Group. Most studies indicate that crypto theft in North Korea is state-sponsored, in contrast to other nations where crypto crimes are primarily carried out in secret. According to a UN assessment from earlier this year, North Korea uses stolen cryptocurrency to support its ballistics and weapons programmes.