North Korean hackers launder $27M ETH from Harmony Bridge attack

North Korean exploiters down the Harmony Bridge onslaught proceed to launder the funds stolen successful June 2022. According to on-chain information revealed connected Jan. 28 by blockchain sleuth ZachXBT, the perpetrators moved different $27.18 cardinal successful Ethereum (ETH) implicit the weekend.

The tokens were transferred to six antithetic crypto exchanges, noted ZachXBT successful a Twitter thread, without disclosing which platforms had received the tokens. Three main addresses carried retired the transactions.

According to ZachXBT, exchanges were notified astir the funds transportation and portion of the stolen assets were frozen. The movements made by the exploiters to launder the wealth were precise akin to those taken connected Jan. 13, erstwhile implicit $60 cardinal was laundered, noted the crypto detective.

— ZachXBT (@zachxbt) January 29, 2023

The funds were moved a fewer days aft the Federal Bureau of Investigation (FBI) confirmed the Lazarus Group and APT38 arsenic the criminals down the $100 cardinal hack. In a statement, the FBI noted that “through our investigation, we were capable to corroborate that the Lazarus Group and APT38, cyber actors associated with the DPRK, are liable for the theft of $100 cardinal of virtual currency from Harmony’s Horizon bridge.”

Related: ‘Nobody is holding them back’ — North Korean cyber-attack menace rises

The Harmony Bridge facilitates transportation betwixt Harmony and the Ethereum network, Binance Chain and Bitcoin. A fig of tokens worthy astir $100 million were stolen from the platform connected Jun. 23.

Following the exploit, 85,700 Ether was processed done the Tornado Cash mixer and deposited astatine aggregate addresses. On Jan. 13, the hackers started shifting astir $60 cardinal worthy of the stolen funds via the Ethereum-based privateness protocol RAILGUN. According to an investigation from crypto tracking level MistTrack, 350 addresses person been associated with the onslaught done galore exchanges successful an effort to debar identification.

Lazarus is simply a well-known hacking syndicate that has been implicated successful a fig of cardinal crypto manufacture breaches, including the $600 cardinal Ronin Bridge hack past March.