Lazarus Group responsible for $100 million hack of Harmony Protocol's Horizon Bridge

Lazarus Group - North Korea’s state sponsored hacker group is believed to be responsible for the theft of over $100 million in cryptocurrencies, according to blockchain analytics firm Elliptic.

Harmony Protocol revealed last week that it had initiated a global manhunt against the hackers, after they had drained $100 million from their blockchain bridge - Horizon Bridge, on June 24th.

The firm noted:

“Our analysis of the hack and the subsequent laundering of the stolen cryptoassets also indicates that it is consistent with activities of the Lazarus Group — a cybercrime group with strong links to North Korea. Although no single factor proves the involvement of Lazarus, in combination they suggest the group’s involvement.”

Horizon Bridge is a protocol that enables cryptocurrency to move across different blockchains, and Harmony has reiterated that they still have a "desire to work with the hacker" that stole the $100 million.

The hacking group, which is controlled by North Korea’s primary intelligence bureau, the Reconnaissance General Bureau, has faced sanctions from the US.

Harmony has publicly confirmed that they believe Lazarus to be behind the hack, with Elliptic noting that the hackers used usernames and passwords of Harmony employees to break into and drain the funds from Harmony Bridge.

As part of an attempt to recover the stolen assets, Harmony is working with their partners at Chainanalysis and AnChain.ai to investigate the matter. Harmony noted, however, that they would halt the investigation if the hackers agreed to return the crypto assets, bar $10 million, however the North Korean government has thus far not collaborated with any crypto company following a suspected attack by the Lazarus group, consistently denying any role in crypto cyber crime.

Elliptic has noted that funds were moved during Asia Pacific night time hours, and 41% of the total funds stolen has already been send to a Tornado Cash more, which is used to hide the transaction trail.

With the cryptocurrency market taking a beating over the past few months, the theft of digital assets is particularly unwelcome, at a time when many crypto platforms are struggling to retain liquidity. 

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.