Lazarus Group, a notorious hacking organization in North Korea, has been linked to the recent attack on the Harmony Bridge. The attack on Harmony drained $100 million from the protocol, and despite the network offering a $1M bounty to have the funds returned, the hacking group laundered the stolen funds through Tornado Cash.

North Korea’s hacking group behind the Harmony attack

Harmony reported this breach on its network on June 23. The layer one network said the attacker had made away with $100 million worth of assets from the Horizon cross-chain bridge. Horizon is a bridge that allows users to transfer assets between Ethereum, BNB Chain, and the Harmony network.

This is the latest attack on cross-chain bridges. These bridges have been vulnerable to attacks over the past months. Earlier this year, the Wormhole bridge bridging the Solana and *+the Ethereum blockchains was breached for over $300 million worth of assets.

The attacker behind this breach on the Horizon Bridge stole dozens of assets from the protocol and then consolidated these assets into Ethereum through the Uniswap decentralized exchange. The attacker used the Tornado Cash blockchain mixer to hide and anonymize the transactions.

Elliptic published its findings on June 29 after the attacker used Tornado Cash to launder the stolen cryptocurrencies. The hacker used this tool to trace the movement of the stolen funds. Elliptic also added that the Lazarus Group was behind this attack.

“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft based on the nature of the hack and the subsequent laundering of the stolen funds,” Elliptic added.

Lazarus Group’s hacks on crypto projects

The North Korean Lazarus Group is associated with the theft of more than $2 billion worth of cryptocurrencies. This group has been linked to attacks on exchanges and decentralized finance (DeFi) platforms.

The Lazarus group first started attacking the crypto space in 2017 after targeting some of the top crypto social trading platforms in South Korea. However, this group seems to have evolved and is not targeting cross-chain bridges.

In April, the US Treasury Department sanctioned a wallet address linked to the Lazarus hacking group. The wallet was involved in the $615M attack on Axie Infinity’s Ronin Bridge. The Ronin Bridge attack was one of the largest in crypto space. The hackers exploited these two platforms because they had a simple multi-signature account.

Related Stories

DeFi Coin (DEFC) - Undervalued Project

Our Rating

  • Listed on Bitmart, Pancakeswap
  • Native Token of New DEX - defiswap.io
  • Up to 75% APY Staking
  • Whitepaper and DeFi Tutorials - deficoins.io