North Korean Hackers Reportedly Behind the $100 Million Harmony Exploit
Elliptic reportedly claimed that the criminal organization which drained $100 million worth of crypto from Harmony was the Lazarus Group.
The notorious North Korean hacking group – the Lazarus Group – is suspected to be the one that attacked the cryptocurrency protocol Harmony. The criminal organization has been involved in numerous similar heists throughout the recent years.
The Lazarus Group’s Next Victim
Last week, Harmony revealed that wrongdoers breached its Horizon Bridge and drained approximately $100 million worth of Ethereum. Shortly after, Harmony’s team launched a “global manhunt” for the criminals responsible for the attack.
Cited by Bloomberg, the firm that tracks stolen digital assets – Elliptic Enterprises – stated that the exploit was most likely carried out by the Lazarus Group (a cybercrime entity backed by the North Korean state). According to the company, the laundering methods were much similar to maneuvers previously used by the hackers:
“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.”
In addition, Elliptic explained in detail how the heist was carried out. The Lazarus Group targeted username and password credentials of Harmony’s employees in the Asia Pacific region to breach the protocol’s security system. Once gaining control, the criminals employed automated laundering services to move the stolen assets during nighttime hours.
Elliptic also claimed that the hacking organization has already transferred over 40% of the $100 million to a Tornado Cash mixer.
A recent research conducted by Coincub estimated that North Korea is by far the top-ranked nation for crypto crime. Over the years, skilled hackers from the totalitarian country have targeted governments and private companies across the globe, stealing more than $1.5 billion in digital assets between 2017-2022.
Stolen Crypto Fuels Nuclear Experiments
Earlier this year, the United Nations (UN) also accused North Korea of stealing cryptocurrencies worth millions of dollars and claimed that the Asian state used those assets to fund missile and nuclear trials.
The UN reminded that the North Korean government had launched nine nuclear experiments in January alone, the largest number of such tests that the nation has executed in a single month.
Despite the multiple warnings and severe sanctions, Pyongyang has continued to develop its ballistic missile infrastructure:
“DPRK demonstrated increased capabilities for rapid deployment, wide mobility (including at sea), and improved resilience of its missile forces.”
Unsurprisingly, Russia and China refused to sign the UN’s statement, which accuses North Korea of funding its nuclear trials with stolen crypto assets.