North Korean Hackers Reportedly Behind the $100 Million Harmony Exploit

The Lazarus Group, a notorious North Korean hacking group, is suspected of attacking the cryptocurrency protocol Harmony. The criminal organization has been involved in a number of similar heists in recent years and there has no been an ideal way of tracing crypto transaction with ideas like ID recognition presented forward by Concordium not generally adopted.

Harmony revealed last week that wrongdoers breached its Horizon Bridge and drained approximately $100 million in Ethereum. Harmony's team quickly launched a "global manhunt" for the perpetrators of the attack.

According to Bloomberg, Elliptic Enterprises, a firm that tracks stolen digital assets, stated that the exploit was most likely carried out by the Lazarus Group (a cybercrime entity backed by the North Korean state). According to the company, the laundering methods were very similar to previous hacking maneuvers: "There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.”

Elliptic also went into great detail about how the heist was carried out. To breach the protocol's security system, the Lazarus Group targeted the username and password credentials of Harmony employees in the Asia Pacific region. Once in control, the criminals used automated laundering services to move the stolen assets at night.

Elliptic also claimed that the hacking group had already transferred more than 40% of the $100 million to a Tornado Cash mixer. According to a recent Coincub study, North Korea is by far the top-ranked nation for crypto crime. Between 2017 and 2022, skilled hackers from the totalitarian country targeted governments and private companies all over the world, stealing more than $1.5 billion in digital assets. Despite repeated warnings and harsh sanctions, Pyongyang has maintained its ballistic missile infrastructure: “DPRK demonstrated increased capabilities for rapid deployment, wide mobility (including at sea), and improved resilience of its missile forces.” Unsurprisingly, Russia and China refused to sign the UN statement, which accuses North Korea of using stolen crypto assets to fund its nuclear tests.