North Korea-linked cybercrime syndicate Lazarus Group has reportedly transferred $63.4 million in Ethereum from 2022’s mammoth Harmony bridge hack, depositing it on Binance, Huobi, and OKX.
According to on-chain sleuth ZachXBT, the group used the privacy and anonymity system Railgun before consolidating the funds and depositing them on the exchanges.
Railgun is an Ethereum-based smart contract system that lets users obscure the nature of their crypto transactions, removing identifying information.
The sleuth claimed that the transfers, made on January 13, involved 350,000 separate wallet addresses.
1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges. pic.twitter.com/huDumaJeSh
Binance CEO Changpeng “CZ” Zhao said that his team, in collaboration with Huobi, had detected the funds' movements, which they then froze and recovered.
The Binance chief claimed that the total recovery came to 124 Bitcoin, suggesting that the attackers had converted funds from ETH to BTC.
Though Lazarus reportedly originally made the illegitimate transfers in the form of ETH, these tokens could have been later swapped for BTC at many points during the mixing and consolidating process.
We detected Harmony One hacker fund movement. They previously tried to launder through Binance and we froze his accounts. This time he used Huobi. We assisted Huobi team to freeze his accounts. Together, 124 BTC have been recovered. CeFi helping to keep DeFi #SAFU! 🙏
In June 2022, the Harmony attack saw hackers run off with $100 million after compromising the project’s token bridge. A blockchain bridge connects different, incompatible blockchains together.
Many, including blockchain analytics company Elliptic, attributed the attack to the North Korean state-sponsored hacking group Lazarus.
It’s unknown what steps, if any, OKX has taken in response to the alleged criminal transfers.
CZ explained that Binance’s security teams are to an extent collaborative and talk to other exchanges, but added that “not all” other exchanges are collaborative.
Our security teams talk to each other, not all exchanges are collaborative (some have a wrong competitive mindset), but many are. I am actually not in those chats myself. Don't know the details.
The CEO added that he is not in those security chats himself and as a result, doesn’t “know the details.”
Decrypt has contacted Binance, Huobi, and OKX about the transfers and their responses.
Despite the size of Lazarus’s attack on Harmony, the hack is just a small portion of the overall amount of funds the cybercrime syndicate has been implicated in stealing.
Lazarus was also implicated, to give just one example, in the March 2022 attack on the Ronin Network, which was estimated to be worth about $622 million. The group was also tied to a scheme that impersonated venture capital companies to spread malware to various crypto-related firms.