North Korea-Linked Lazarus Group Suspect in Recent $100 Million Harmony Theft: Elliptic

As per Elliptic, the process used to hack into the Horizon bridge is similar in pattern to previous Lazarus Group heist.

By Shomik Sen Bhattacharjee | Updated: 30 June 2022 15:42 IST

North Korea-Linked Lazarus Group Suspect in Recent $100 Million Harmony Theft: Elliptic

Photo Credit: Pexels/ David McBee

Elliptic has traced the Harmony hack back to the North Korean Lazarus Group

Highlights

The hacking pattern is similar to previous Lazarus attacks
The hacker has already laundered the stolen amount in crypto
The attacker stole $100 million from Harmony's Horizon bridge

A notorious North Korean hacking group known as the Lazarus Group are believed to be linked to last week's $100 million (roughly Rs. 784 crore) heist on California-based layer-1 blockchain Harmony protocol's Horizon bridge. As per blockchain research firm Elliptic, the manner in which the funds were stolen and subsequently laundered points to the involvement of The Lazarus Group. In April, the US government had concluded that Lazarus was also behind the $625 million (roughly Rs. 4,729 crore) hack of a cross-chain bridge used by the play-to-earn game Axie Infinity.

As per Elliptic's report, the manner in which hacker perpetrated the attack, via social engineering, strongly alludes to previous Lazarus hacks. The Harmony attack additionally echoes the Axie Infinity hack in that stolen funds have been laundered in a pattern implying automated transfers.

"Although no single factor proves the involvement of Lazarus, in combination they suggest the group's involvement," says the report.

Samsung’s Bitcoin Mining Chip Enters Trial Production Stage: Reports

The development arrives within days of blockchain security company PeckShield revealing that hackers behind the Horizon Bridge theft have begun laundering the stolen funds. Etherscan data reveals that the wallet used by the cyber thieves in the attack sent out 18,000 ETH to a total of four wallet addresses.

This happened even after Harmony offered a $1 million (roughly 7.8 crore) bounty for the return of the stolen funds while also offering to waive law enforcement action should the hacker return the stolen crypto assets.

The hacker stole $100 million (roughly Rs. 784 crore) in several crypto coins and swapped them for Ethereum. Coins stolen were Wrapped Ethereum, Tether (USDT), and USD Coin (USDC) stablecoins.

Coinbase Enables Staking Benefits for Solana, to Offer Rewards for Staking SOL

Harmony's blockchain bridge enables users to transfer digital assets between different blockchains, the most notable of which are the Binance Smart Chain, Ethereum, Bitcoin, and Harmony networks.

The hacker used this to their advantage, stealing a variety of digital assets spanning NFTs, metaverse land, and wrapped Ether.

Hackers have been targeting cross-chain bridges a lot in 2022. Qubit Finance's bridge was hacked for $80 million (roughly Rs. 628 crore) back in January, thieves stole $320 million (roughly Rs. 2,510 crore) from the Wormhole bridge a month later, and hackers drained $625 million (roughly Rs. 4,730 crore) in Ether and USDC from Axie Infinity's Ronin bridge in March.

Will crypto tax hurt the industry in India? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.