- The firm has offered a $1 million bounty for returning the stolen assets.
- Social engineering, the method used by the hacker, refers to earlier Lazarus attacks.
Hackers stole $100 million worth of crypto from Harmony Protocol recently. The organization behind the layer 1 blockchain has offered a $1 million bounty for returning the stolen assets. According to a report issued today by blockchain analytics company Elliptic, the Lazarus Group, a prominent cybercriminal group with ties to North Korea, is suspected of being involved in the theft and subsequent laundering of the cash.
There are strong indications that North Korea’s Lazarus Group may be responsible for the $100 million Harmony heist | 41% of the stolen cryptoassets have been moved through the Tornado Cash mixer | Read our analysis:https://t.co/CoS2Ozu0WG
— elliptic (@elliptic) June 29, 2022
Similar Exploit Techniques Found
U.S. authorities decided that Lazarus, which the FBI called a “state-sponsored hacking organization,” was responsible for hacking a cross-chain bridge utilized by the game “Axie Infinity” that resulted in a $622 million loss. It is common to employ cross-chain bridges to connect sidechains (such as Axie’s Ethereum sidechain Ronin), which may give speed and cheaper transaction costs before handing work back to more secure blockchains like the Ethereum mainnet.
When hackers breached Harmony, it was on the Horizon cross-chain bridge that connects it to other blockchains, including Ethereum and Binance Chain. According to Elliptic’s analysis, the similarity between the two cross-chain bridge assaults is one indicator that Lazarus may have been involved.
Social engineering, the method used by the hacker, refers to earlier Lazarus attacks. The Axie Infinity breach is also echoed in the Harmony assault, where stolen monies were laundered in a fashion that suggests automated transfers.
The report mentioned:
“Although no single factor proves the involvement of Lazarus, in combination they suggest the group’s involvement.”
Lazarus’ preference for Asia-based targets may be attributed to the fact that many of Harmony’s team members have connections in the area and the languages they speak. As a result, the hackers have paused their money-laundering operations only at nighttime in the Asia Pacific area. These monies were linked to various new Ethereum wallets thanks to Elliptic’s “demixing” of the Tornado Cash transaction trail.
Recommended For You:
Harmony Protocol Attacker Starts Laundering Money Through Tornado Cash