The North Korean perpetrators of the Harmony Bridge attack continue to launder the stolen funds in June 2022. According to on-chain data revealed on Jan. 28 by blockchain detective ZachXBT, the perpetrators moved another $27.18 million in Ethereum (ETH) during weekend.
The tokens were transferred to six different cryptocurrency exchanges, he pointed ZachXBT in a Twitter thread, without disclosing which platforms had received the tokens. Three main addresses carried out the transactions.
According to ZachXBT, exchanges were notified about the transfer of funds and part of the stolen assets were frozen. The movements carried out by the exploiters to launder the money were very similar to those carried out on January 13, when more than USD 60 million was laundered, the detective said.
Who’s active rn?
DPRK just finished laundering another $17.7m+ (11304 ETH) from the Harmony Bridge hack.
S/o to the exchanges who responded quickly on a weekend so funds could be frozen. pic.twitter.com/sUyUScHR4N
— ZachXBT (@zachxbt) January 29, 2023
The funds moved a few days after the Federal Bureau of Investigation (FBI) confirmed that Lazarus Group and APT38 were the criminals behind the $100 million hack. In a statement, the FBI noted that “through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million in virtual currency from Harmony’s Horizon Bridge.”
Harmony Bridge makes it easy to transfer between Harmony and the Ethereum, Binance Chain, and Bitcoin networks. On June 23, several tokens worth around USD 100 million were stolen from the platform.
Following the exploit, 85,700 Ether were processed through the Tornado Cash mixer and deposited to multiple addresses. On January 13, the hackers began moving around $60 million of the stolen funds through the Ethereum-based privacy protocol; RAILGUN. According to an analysis by cryptocurrency tracking platform MistTrack, 350 addresses have been linked to the attack across many exchanges in an attempt to avoid identification.
Lazarus is a well-known hacker collective that has been implicated in a number of major attacks in the cryptocurrency industry, including the $600 million Ronin Bridge hack last March.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.