Security News > 2022 > July > Crypto sleuths pin $100 million Harmony theft on Lazarus Group

Investigators at a blockchain analysis outfit have linked the theft of $100 million in crypto assets last week to the notorious North Korean-based cybercrime group Lazarus.

Blockchain startup Harmony announced June 23 that its Horizon Bridge - a cross-chain bridge service used to transfer assets between Harmony's blockchain and other blockchains - had been attacked and crypto assets like Ethereum, Wrapped Bitcoin, Binance Coin, and Tether stolen.

Their analysis of the attack found a combination of factors the company said indicated that the Lazarus Group was involved.

Lazarus is suspected of being behind the heist of at least $540 million in a hack last month of Ronin Bridge, an Ethereum-based network that supports Axie Infinity, a blockchain video game.

The US Treasury Department also identified Lazarus - also known as AppleWorm, APT-C-26, and Hidden Cobra, among other aliases - as the likely perpetrator behind the Ronin Bridge breach and announced new sanctions against a Lazarus Ethereum wallet.

The researchers also noted that the Horizon Bridge attack was done though compromised encryption keys of a multi-signature wallet that likely came via a social-engineering attack on Harmony employees, that many of the core team at US-based Harmony have links to the Asia-Pacific region, and that the times the stolen funds were not being moved out of Tornado Cash are consistent with nighttime hours in that region.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/01/lazarus-crypto-hack-harmony/