North Korean hackers suspected in $100 million Harmony heist

Bloomberg | Jun 30, 2022 07:31 AM IST

Harmony confirmed that its Horizon Bridge, a seamless layer which allows cryptocurrency to move across different blockchains, had been hacked last week.

Suspected North Korean hackers known as the Lazarus Group are believed to be behind the recent $100 million heist on California blockchain Harmony, a firm that tracks stolen cryptocurrency said Wednesday.

The North Korean government has consistently denied any role in cyber-enabled theft.


The blockchain forensics company Elliptic Enterprises Ltd., which has been tracking Harmony’s stolen cryptocurrency to identify who is moving it around the web, said it believes the Lazarus Group was responsible because the laundering method bears their hallmarks. In April, the US Department of Homeland Security issued an alert saying the group was sponsored by the North Korean government, and that it has targeted crypto firms since 2020.

In this case, the hackers targeted username and password credentials of Harmony workers in Asia Pacific to break into the bridge, Elliptic said. The hackers used automated laundering services and moved the funds during Asia Pacific nighttime hours. All of these are signatures of Lazarus’ attack methods, Elliptic added.

As of Wednesday, the hacker has already sent 41% of the $100 million to a Tornado Cash mixer, according to Elliptic, a reference to the service used to hide the transaction trail.

The hack bore similarities to the recent $600 million Ronin Bridge attack, which was attributed to Lazarus by the US Treasury Department, Elliptic said.

“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds,” Elliptic wrote in a blog published on Wednesday.

“Team members are working to gather wallet data and strategize plans based on the impact the Horizon bridge theft has caused on users,” Horizon said on Twitter.

While remarkable for the sheer amount of stolen cryptocurrency, the Horizon attack highlighted a vulnerability in so-called cryptocurrency bridges, which have been seen as a solution to the clunky inoperability of some blockchains and virtual currencies.

However, recent hacks suggest bridges are more exposed to breaches because the technology running them is complex, making them a prime target for hackers.
