The latest reports show North Korean hackers are behind the latest Harmony hack and it is possibly the same group that made the attack on Axie Infinity a few months ago so let’s read more today in our latest cryptocurrency news.
After hackers stole $100 million in crypto from Harmony Protocol, the team behind the layer 1 blockchain announced they will offer $1 million rewards to anyone that has information about the hacker. The reports show North Korean hackers are once again behind the attack because of the manner in which the funds were stolen and laundered, which coincided with the involvement of the Lazarus Group. The US government concluded that Lazarus as a state-sponsored hacking organization was behind the $622 million hacks of Axie Infinity’s Ronin Bridge. The cross-chain bridges connect blockchains and are often used to link sidechains whcih can speed and lower transaction fees before passing work back to secure blockchains.
Harmony’s hack occurred on the Horzion bridge which is a cross-chain bridge that connects Harmony to Ethereum, bitcoin, and Binance Chain. Elliptic’s report noted similarities between the cross-chain bridge attacks as one of the indications of Lazarus’ involvement. How the hackers perpetrated the attack alludes to previous hacks. The attack echoes the Axie Infinity hack in the stolen funds that were laundered as a pattern showing automated transfers:
“Although no single factor proves the involvement of Lazarus, in combination, they suggest the group’s involvement.”
Other factors include the fact that Harmony team members are connected to the Asia Pacific region and Lazarus often goes after Asian-based targets due to the languages used. Furhter, the only times the hackers stopped offloading the funds are consistent with nighttime hours in the Asia Pacific region. The funds were laundered via mixing services like Tornado Cash which allows users to pool amounts of cryptocurrencies and then swap them for other coins which is a process often used to launder stolen tokens.
Elliptic was able to demix the trails of the hackers’ Tornado Cash transactions in this case and then traced the funds to a number of ETH wallets. While exchanges and businesses can use the information to ensure they don’t accept the stolen funds, the information provides no means for recovery.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post