North Korean attackers launder $27M Ethereum (ETH) from Harmony Bridge attack

1 min

North Korean hackers launder $27M ETH from Harmony Bridge attack

North Korean exploiters behind the Harmony Bridge attack continue to launder the funds stolen in June 2022. Reports by on-chain data revealed on Jan. 28 by blockchain tech sleuth ZachXBT, the perpetrators moved another $27.18 Million in Ethereum (ETH) (ETH) over the weekend.

The crypto tokens were transferred to 6 different cryptocurrency exchanges, noted ZachXBT in a Twitter thread, without disclosing which platforms had received the crypto tokens. 3 main addresses carried out the transactions.

Reports by ZachXBT, exchanges were notified about the funds transfer and part of the stolen assets were frozen. The movements made by the exploiters to launder the money were very similar to those taken on Jan. 13, when over $60 Million was laundered, noted the cryptocurrency detective.

The funds were moved several  days after the Federal Bureau of Investigation (FBI) confirmed the Lazarus Group and APT38 as the criminals behind the $100 Million hack. In a statement, the FBI pointed out that “through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are in charge of the theft of $100 Million of virtual currency from Harmony’s Horizon bridge.”

The Harmony Bridge facilitates transfer betwixt Harmony and the Ethereum (ETH) network, Binance Crypto exchange Chain and Bitcoin. A number of crypto tokens worth about $100 million were stolen from the platform on Jun. 23.

After the  exploit, 85,700 Ether was processed through the Tornado Cash mixer and deposited at numerous addresses. On Jan. 13, the attackers started shifting around $60 Million worth of the stolen funds via the Ethereum-based privacy protocol RAILGUN. Reports by an analysis from cryptocurrency tracking platform MistTrack, 350 addresses have been associated with the attack through numerous exchanges in an effort to avoid identification.

Lazarus is a trending hacking syndicate that has been implicated in a number of key cryptocurrency industry breaches, including the $600 Million Ronin Bridge hack last March.


Read Disclaimer
This page is simply meant to provide information. It does not constitute a direct offer to purchase or sell, a solicitation of an offer to buy or sell, or a suggestion or endorsement of any goods, services, or businesses. does not offer accounting, tax, or legal advice. When using or relying on any of the products, services, or content described in this article, neither the firm nor the author is liable, directly or indirectly, for any harm or loss that may result. Read more at Important Disclaimers and at Risk Disclaimers.