On the basis of similarities with the Ronin bridge attack in March 2022, the notorious North Korean hacking collective Lazarus Group is suspected of being responsible for the recent $100 million altcoin theft from Harmony Horizon Bridge.
According to Harmony, a platform that allows users to move cryptocurrency across different blockchains was breached last week, the company's Horizon Bridge was also found to have been compromised.
Multiple transactions were carried out on June 23 by the exploiter, which resulted in the theft of approximately $100 million in cryptocurrency from the bridge.
Tether (USDT), Wrapped Bitcoin (WBTC), and BNB were among the crypto assets stolen, according to a new report from blockchain analytics company Elliptic. Decentralized exchange Uniswap (DEX) was used by the thief to convert 85,837 ETH in total from the stolen assets.
A few days later, on June 27, the perpetrator allegedly began moving funds worth $39 million through the Tornado Cash mixer service in an effort to obscure the illicit gains and obscure the transaction trail back to the original theft..
"Demixing" the transactions, Elliptic was able to identify a number of new Ethereum wallets where the stolen funds had been transferred.
The Lazarus Group has been blamed for the incident because of the threat actor's track record of cryptocurrency thefts, including attacks on cross-chain bridges earlier this year, and the way the funds were stolen and then laundered afterward.
An attack on Harmony's team members may have compromised the multi-signature wallet's cryptographic keys, which led to the theft, according to the company's statement. "The Lazarus Group frequently employs these methods."
Tornado cash stops moving stolen funds out for relatively short periods of time, which Elliptic explains as being consistent with nighttime hours in the Asia-Pacific. Combining all of these factors suggests that Lazarus and his gang were involved."
In order to recover the stolen assets, Harmony has informed all cryptocurrency exchanges and law enforcement agencies, as well as blockchain forensic firms. By July 4, 2022, 11 p.m. GMT, it is offering "one final opportunity" for the cyber thieves to send the funds back anonymously and "retain $10 million and return the remaining amount."
An additional $10 million will be offered to anyone who can help bring back the stolen virtual currencies.
To make matters worse, this "crypto winter" has resulted in Bitcoin's price falling below $20,000, potentially jeopardizing a major source of revenue for sanctions-hit North Korea. The Horizon Bridge cyber-heist comes at a bad time.
Axie Infinity's developers, Sky Mavis, announced this week that the Ronin Bridge has been restarted following three audits, which were conducted by a third-party.
On top of that, on Wednesday, the European Parliament and Council reached a historic agreement to force crypto platforms to provide identifying information on the originators and the beneficiaries in a bid to ensure transparency in the transfer of crypto-assets.
When it comes to wire transfers, "this is what payment service providers currently do," according to a statement from the Council. As a result, it will be possible to track down any suspicious crypto asset transfers and prevent them from proceeding.
Post a Comment
Your suggestions and comments are welcome