A notorious North Korean hacking group known as the Lazarus Group are believed to be linked to last week’s $100 million (roughly Rs. 784 crore) heist on California-based layer-1 blockchain Harmony protocol’s Horizon bridge. As per blockchain research firm Elliptic, the manner in which the funds were stolen and subsequently laundered points to the involvement of The Lazarus Group. In April, the US government had concluded that Lazarus was also behind the $625 million (roughly Rs. 4,729 crore) hack of a cross-chain bridge used by the play-to-earn game Axie Infinity.
As per Elliptic’s report, the manner in which hacker perpetrated the attack, via social engineering, strongly alludes to previous Lazarus hacks. The Harmony attack additionally echoes the Axie Infinity hack in that stolen funds have been laundered in a pattern implying automated transfers.
“Although no single factor proves the involvement of Lazarus, in combination they suggest the group’s involvement,” says the report.
The development arrives within days of blockchain security company PeckShield revealing that hackers behind the Horizon Bridge theft have begun laundering the stolen funds. Etherscan data reveals that the wallet used by the cyber thieves in the attack sent out 18,000 ETH to a total of four wallet addresses.
This happened even after Harmony offered a $1 million (roughly 7.8 crore) bounty for the return of the stolen funds while also offering to waive law enforcement action should the hacker return the stolen crypto assets.
The hacker stole $100 million (roughly Rs. 784 crore) in several crypto coins and swapped them for Ethereum. Coins stolen were Wrapped Ethereum, Tether (USDT), and USD Coin (USDC) stablecoins.
Harmony’s blockchain bridge enables users to transfer digital assets between different blockchains, the most notable of which are the Binance Smart Chain, Ethereum, Bitcoin, and Harmony networks.
The hacker used this to their advantage, stealing a variety of digital assets spanning NFTs, metaverse land, and wrapped Ether.
Hackers have been targeting cross-chain bridges a lot in 2022. Qubit Finance’s bridge was hacked for $80 million (roughly Rs. 628 crore) back in January, thieves stole $320 million (roughly Rs. 2,510 crore) from the Wormhole bridge a month later, and hackers drained $625 million (roughly Rs. 4,730 crore) in Ether and USDC from Axie Infinity’s Ronin bridge in March.