Elliptic Accuses Lazarus Group of Masterminding Harmony attack
- The Elliptic report illustrates that the group employed the Tornado Cash mixer to transfer about 41 percent of the funds.
A global financial crime compliance firm, Elliptic enterprises has indicted a North Korean cybercrime team, identified as Lazarus Group, of masterminding the exploitation recently suffered by Harmony Horizon Bridge. According to Bloomberg, the firm which focuses on probing digital assets hinted that the techniques deployed in the exploitation were similar to the ones previously deployed by the hacking group.
Harmony a system attack earlier this month, a development which led to the siphoning of about $100 million.
Why Elliptic is accusing the Lazarus group of the attack
Elliptic enterprises explained that the Lazarus Group is a major suspect in its investigation due to the mannerism of the attack. The firm further revealed that the group aimed at the username and password of staff in the Asia Pacific that are working with Harmony.
Their research also revealed that the hackers wired the funds through automated laundering services, with an indication that the wiring took place late in the night according to the Asia Pacific timezone. Elliptic submitted that all these are pointers to the involvement of the Lazarus Group in the hack.
Furthermore, the report also illustrates that the group employed the Tornado Cash mixer to transfer about 41% of the funds. Using the Tornado Cash mixer will make it impossible to trace the path of the transaction. Additionally, Elliptic made it known that there are parallels between the Harmony attack and the $600 million hack on Ronin Bridge of Axie Infinity. This point further strengthens the firm’s claim against the Lazarus group.
However, Horizon divulged that investigation is ongoing to determine the severity of the attack on users. The attack further underlines the defenselessness of crypto bridges to cyber hacks. The technological complexity of crypto bridges has made it difficult for users to engage them, thus, making them prey to hackers.
A Series of Similar Accusations
Overtly, the United States authorities have accused the North Korean government of supporting the Lazarus group. Though, the North Korean government has continuously denied the allegations.
Around March 23, 2022, Axie Infinity endured the biggest hack in the history of cryptocurrency, the attack was initiated via Ronin Bridge. The Video game lost about $600 million to the attack. A few weeks after the attack, the Federal Bureau of Investigation accused both the Lazarus Group and the North Korean government.
Subsequently, The attack isn’t the first linked to the North Korean Government, Last year, leading blockchain analytic organization, Chainalysis revealed that the North Korean Government initiated more than seven hacks on crypto firms that fetched the government about $400 million. Adding to the history of the government as a popular figure in hacks and other financial cybercrime.