North Korea’s Lazarus Hackers Try to Exfiltrate Harmony Funds

Please fol­low and like us:
Pin Share

North Kore­an hack­er group Lazarus made attempts to move funds worth $63 mil­lion that were stolen from last year’s Har­mo­ny bridge hack, but the cryp­to exchanges used for the process claim its trans­fers have been blocked.

Blockchain sleuth ZachXBT shared on Twit­ter that the group moved some 41,000 ETH over the week­end using Ethereum-based Rail­gun, a smart con­tract that keeps user iden­ti­ties pri­vate, to exchanges Binance, OKX and Huo­bi. The trans­ac­tions were car­ried out between Jan. 13 and 14.

ZachXBT also shared over 350 address­es asso­ci­at­ed with the hack­er group. 

Binance CEO Chang­peng Zhao tweet­ed that the exchange has pre­vi­ous­ly detect­ed the hacker’s fund move­ment, and that it coor­di­nat­ed with Huo­bi in freez­ing the accounts. They also togeth­er man­aged to recov­er 124 bit­coin ($2.6 mil­lion), accord­ing to Zhao, imply­ing that some of the stolen ether was swapped for bitcoin.

Huo­bi too was able to detect and pre­vent the hack­er from attempt­ing to laun­der funds, accord­ing to Justin Sun. About Cap­i­tal, Sun’s invest­ment firm, acquired Huo­bi in Octo­ber

Harmony’s Hori­zon bridge was one of the biggest hacks of last year. It allows users to move their cryp­toas­sets via cross-chain trans­fers between Ethereum, Binance Smart Chain and Har­mo­ny blockchains. The bridge was exploit­ed in June 2022 for $100 mil­lion, with the pro­ceeds ini­tial­ly moved via now-OFAC-sanc­tioned Tor­na­do Cash

Blockchain ana­lyt­ics firm Ellip­tic said that dif­fer­ent types of cryp­toas­sets were stolen includ­ing ETH, BNB, USDT, USDC and Dai. After the theft, the hack­er used dif­fer­ent types of decen­tral­ized exchanges to swap the tokens for ETH, which is a “com­mon tech­nique uti­lized by DeFi hack­ers,” the firm added. 

The total amount of funds lost to hacks in 2022 amount­ed to $4.3 bil­lion of cryp­tocur­ren­cy, rep­re­sent­ing a 37% jump from 2021. Smart con­tract vul­ner­a­bil­i­ties that lead to mali­cious exploits remain among the most press­ing threats that need to be solved in 2023.


Get the day’s top cryp­to news and insights deliv­ered to your inbox every evening. Sub­scribe to Block­works’ free newslet­ter now.

Inter­est­ed in work­ing at Block­works? We’re hir­ing jour­nal­ists, a VP of Sales, and engi­neers!  Check our open posi­tions.

Can’t wait? Get our news the fastest way pos­si­ble. Join us on Telegram.




Source link
Please fol­low and like us:
Pin Share

Leave a Reply

Your email address will not be published. Required fields are marked *