Harmony Attackers Attempt to Launder Another $27 Million

Please fol­low and like us:
Pin Share

Late last night, the attack­ers behind the Har­mo­ny exploit back in June 2022 attempt­ed to cash out anoth­er batch of their ill-begot­ten ETH gains.

Fol­low­ing the 41k ETH laun­dered via Tor­nado­Cash and Rail­gun two weeks ago, worth about 63.5 mil­lion at the time, the North Kore­an Lazarus Group made an attempt at laun­der­ing anoth­er $27.7 mil­lion worth of ETH.

Intercepted by Exchanges

How­ev­er, the attempt was not as suc­cess­ful as the last. Vir­tu­al­ly all of the ETH laun­dered two weeks ago was cashed out via unnamed exchanges. This time, the secu­ri­ty teams used were report­ed­ly able to freeze most of the funds.

It is up to exchanges to share exact­ly how much of the 17,278 in ETH was frozen.

Blockchain secu­ri­ty researcher ZachXBT orig­i­nal­ly sound­ed the alarm on Twit­ter, post­ing evi­dence of $17.7 mil­lion being moved through the two mix­ing tools and onto exchanges.

The orig­i­nal tweet was fol­lowed up when Zach dis­cov­ered anoth­er address mov­ing $10 mil­lion worth of ETH, bring­ing the total amount of pre-con­sol­i­da­tion address­es used to 10.

Status of Funds Unclear

The pre­vi­ous round of laun­der­ing saw a good por­tion of the Har­mo­ny funds turned into BTC, with an undis­closed amount frozen and seized by the FBI.

“Through our inves­ti­ga­tion, we were able to con­firm that the Lazarus Group […] are respon­si­ble for the theft of $100 mil­lion of vir­tu­al cur­ren­cy from Harmony’s Hori­zon bridge report­ed on June 24, 2022. […] (We will) con­tin­ue to iden­ti­fy and dis­rupt North Korea’s theft and laun­der­ing of vir­tu­al cur­ren­cy, which is used to sup­port North Korea’s bal­lis­tic mis­sile and Weapons of Mass Destruc­tion programs.”

The per­cent­age of funds frozen by cryp­to exchange secu­ri­ty teams seems to be much big­ger this time. What will hap­pen to them is still being deter­mined. It’s pos­si­ble they will be returned to Har­mo­ny in an attempt to make users whole.

How­ev­er, it’s much more like­ly that the stolen funds will be turned over to the FBI first, poten­tial­ly allow­ing their secu­ri­ty researchers to glean more info on the noto­ri­ous North Kore­an cyber­crime syndicate.

The news of the inter­cep­tion was wel­comed by the cryp­to com­mu­ni­ty, with many prais­ing both Zach and the secu­ri­ty teams at the unnamed exchanges for keep­ing watch dur­ing the wee hours of a week­end night.

SPECIAL OFFER (Spon­sored)

Binance Free $100 (Exclu­sive): Use this link to reg­is­ter and receive $100 free and 10% off fees on Binance Futures first month (terms).

PrimeXBT Spe­cial Offer: Use this link to reg­is­ter & enter POTATO50 code to receive up to $7,000 on your deposits.



Source link

Please fol­low and like us:
Pin Share

Leave a Reply

Your email address will not be published.