North Korea’s Lazarus Hackers Try to Exfiltrate Harmony Funds

The notorious cybercrime group used Ethereum-based Railgun to anonymize their movements, but exchanges froze some assets

by Shalini Nagarajan /
article-image

Source: Shutterstock / BeeBright, modified by Blockworks

share

North Korean hacker group Lazarus made attempts to move funds worth $63 million that were stolen from last year’s Harmony bridge hack, but the crypto exchanges used for the process claim its transfers have been blocked.

Blockchain sleuth ZachXBT shared on Twitter that the group moved some 41,000 ETH over the weekend using Ethereum-based Railgun, a smart contract that keeps user identities private, to exchanges Binance, OKX and Huobi. The transactions were carried out between Jan. 13 and 14.

ZachXBT also shared over 350 addresses associated with the hacker group. 

Binance CEO Changpeng Zhao tweeted that the exchange has previously detected the hacker’s fund movement, and that it coordinated with Huobi in freezing the accounts. They also together managed to recover 124 bitcoin ($2.6 million), according to Zhao, implying that some of the stolen ether was swapped for bitcoin.

Huobi too was able to detect and prevent the hacker from attempting to launder funds, according to Justin Sun. About Capital, Sun’s investment firm, acquired Huobi in October

Harmony’s Horizon bridge was one of the biggest hacks of last year. It allows users to move their cryptoassets via cross-chain transfers between Ethereum, Binance Smart Chain and Harmony blockchains. The bridge was exploited in June 2022 for $100 million, with the proceeds initially moved via now-OFAC-sanctioned Tornado Cash

Blockchain analytics firm Elliptic said that different types of cryptoassets were stolen including ETH, BNB, USDT, USDC and Dai. After the theft, the hacker used different types of decentralized exchanges to swap the tokens for ETH, which is a “common technique utilized by DeFi hackers,” the firm added. 

The total amount of funds lost to hacks in 2022 amounted to $4.3 billion of cryptocurrency, representing a 37% jump from 2021. Smart contract vulnerabilities that lead to malicious exploits remain among the most pressing threats that need to be solved in 2023.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

learn more

recent research

Avail.jpg

Research

Avail: A Unification of Crypto Infrastructure

Data publishing costs have historically been a bottleneck for rollups, and as more rollups launch, interoperability will continue to be a major challenge. Avail presents a potential solution to rollup fragmentation through its three products: Avail DA, Nexus, and Fusion, which together aim to unify the web3 experience.

by Ren Yu Kong

/

news

article-image

DeFi

What’s behind Celo’s pivot to Ethereum?

Celo’s layer-2 will aim for a summer 2024 testnet

by Jack Kubinec /
article-image

Op-Ed

The risks of restaking are extremely overrated

Like any new idea, restaking protocols will need a long break-in period to ensure their technical safety — but that’s doesn’t mean they’re not extremely promising

by Adam Efrima /
article-image

DeFi

Stacks Nakamoto upgrade unfolds a new era for the Bitcoin L2

The Nakamoto upgrade will enhance transaction throughput and enable Bitcoin finality for layer-2 transactions

by Bessie Liu /
article-image

DeFi

Bitcoin memecoins pushed fees higher than block rewards for first time

Miners may not have even noticed the halving took place over the weekend, with fees largely making up the difference so far

by David Canellis /
article-image

Business

Hut 8’s business diversity to give it an edge after the halving: Benchmark  

Research analyst Mark Palmer starts coverage of the bitcoin miner and puts its price target 50% higher than its current level

by Ben Strack /
article-image

Web3

Empire Newsletter: Bitcoin’s turn for memecoin mania

Runes, crypto taxes and Binance’s execs stuck in Nigeria

by David Canellis&Casey Wagner&Katherine Ross&Michael McSweeney /