North Korean hackers suspected in $100 million Harmony heist

Published on Jun 30, 2022 07:31 AM IST
Harmony confirmed that its Horizon Bridge, a seamless layer which allows cryptocurrency to move across different blockchains, had been hacked last week.
The North Korean government has consistently denied any role in cyber-enabled theft.
The North Korean government has consistently denied any role in cyber-enabled theft.
Bloomberg |

Suspected North Korean hackers known as the Lazarus Group are believed to be behind the recent $100 million heist on California blockchain Harmony, a firm that tracks stolen cryptocurrency said Wednesday.

Harmony confirmed that its Horizon Bridge, a seamless layer which allows cryptocurrency to move across different blockchains, had been hacked last week.

The blockchain forensics company Elliptic Enterprises Ltd., which has been tracking Harmony’s stolen cryptocurrency to identify who is moving it around the web, said it believes the Lazarus Group was responsible because the laundering method bears their hallmarks. In April, the US Department of Homeland Security issued an alert saying the group was sponsored by the North Korean government, and that it has targeted crypto firms since 2020.

In this case, the hackers targeted username and password credentials of Harmony workers in Asia Pacific to break into the bridge, Elliptic said. While using automated laundering services, hackers moved the funds during Asia Pacific night time hours. All of these are signatures of Lazarus’ attack methods, Elliptic added.

As of Wednesday, the hacker has already sent 41% of the $100 million to a Tornado Cash mixer, according to Elliptic, a reference to the service used to hide the transaction trail.

The hack bore similarities to the recent $600 million Ronin Bridge attack, which was attributed to Lazarus by the US Treasury Department, Elliptic said.

“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds,” Elliptic wrote in a blog published on Wednesday.

“Team members are working to gather wallet data and strategize plans based on the impact the Horizon bridge theft has caused on users,” Horizon said on Twitter.

While remarkable for the sheer amount of stolen cryptocurrency, the Horizon attack highlighted a vulnerability in so-called cryptocurrency bridges, which have been seen as a solution to clunky inoperability of some blockchains and virtual currencies.

However recent hacks suggest bridges are more exposed to breaches as the technology running them is complex, making them a prime target for hackers.

The North Korean government has consistently denied any role in cyber-enabled theft.

SHARE THIS ARTICLE ON
Close Story
QUICKREADS

Less time to read?

Try Quickreads

  • FILE PHOTO: The Mumbai-born novelist was speaking at an event at the Chautauqua Institution when the suspect ran up onto the stage and attacked Mr Rushdie and an interviewer.

    Terrible day for authors everywhere, say Salman Rushdie’s peers after NY attack

    Moments after the 75-year-old Booker Prize winner Salman Rushdie was attacked on a stage in New York, several celebrated authors took to Twitter to express their concern. Stephen King, the author of several horror books, including 'It' and 'The Shining', took to Twitter and wrote 'I hope Salman Rushdie is okay.' The US senator of New York Chuck Schumer called the incident a 'shocking and appalling attack on freedom of speech and thought.'

  • Videograb from aTwitter user showing Salman Rushdie being loaded onto a medical evacuation helicopter at Chautauqua, New York. 

    Salman Rushdie is alive and airlifted to safety, says New York governor

    British author Salman Rushdie, who was attacked and stabbed in the neck at a literary event on Friday in western New York state, is alive and has been airlifted to safety, said New York's governor Kathy Hochul. Rushdie, whose writings made him the target of Iranian death threats, was taken by helicopter to a local hospital. Social media footage showed people rushing to Rushdie's aid and administrating emergency medical care.

  • Author Salman Rushdie, behind screen left, is tended to after he was attacked during a lecture in New York.

    Author Salman Rushdie attacked at New York event: Top points to know

    Mumbai-born author Salman Rushdie was attacked on a stage on Friday, minutes before he was set to give a lecture during an event in New York, United States. According to the latest information being shared by multiple news agencies, a man stormed the stage as the Mumbai-born author was being introduced by the anchor of the event. He then allegedly "punched and stabbed" Rushdie. His identity has not yet been released.

  • The author was taken or fell to the floor, and the man was restrained.

    Author Salman Rushdie stabbed at New York event, attacker held

    British author Salman Rushdie, whose writings made him the target of Iranian death threats that forced him into hiding, was attacked on stage Friday in western New York state. "A most horrible event just happened at #chautauquainstitution - Salman Rushdie was attacked on stage at #chq2022. The amphitheater is evacuated," one witness said on social media. Rushdie's condition was not immediately known.

  • This 2014 illustration made available by the U.S. Centers for Disease Control and Prevention depicts a polio virus particle.

    Polio detected in New York's sewage water, suggests virus circulating

    The polio virus has been found in New York City's wastewater in another sign that the disease, which hadn't been seen in the U.S. in a decade, is quietly spreading among unvaccinated people, health officials said Friday. State Health Commissioner Dr. Mary T. Bassett said the detection of poliovirus in wastewater samples in New York City is alarming but not surprising.

SHARE
Story Saved
×
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Friday, August 12, 2022
Start 15 Days Free Trial Subscribe Now