Bitcoin
$64,251.14+1.39%
Ethereum
$3,071.69+0.51%
Binance Coin
$559.83+1.97%
Solana
$145.62+4.64%
XRP
$0.50262333+0.57%
Dogecoin
$0.15317482+2.53%
Toncoin
$6.17-1.87%
Cardano
$0.46894242+3.89%
Shiba Inu
$0.00002282+0.73%
Avalanche
$35.17+1.24%
Wrapped Bitcoin
$64,293.68+1.29%
Tron
$0.11057971+1.11%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Consensus 2024Price Increase Extension Ends In
01
DAY
02
HR
30
MIN
55
SEC
Finance

North Korean Hacking Group Behind $100M Horizon Bridge Hack: Report

Blockchain analytics firm Elliptic has traced the hack back to the Lazarus Group, a state-sponsored North Korean hacking organization.

By Cheyenne Ligon
AccessTimeIconJun 29, 2022 at 11:22 p.m. UTC
Updated May 11, 2023 at 6:50 p.m. UTC
(Eric Lafforgue/Art In All Of Us/Corbis via Getty Images)
(Eric Lafforgue/Art In All Of Us/Corbis via Getty Images)
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

The Lazarus Group – a North Korean hacking group believed to be supported by the Kim regime – is likely behind last week’s hack of Harmony Bridge, according to new analysis by blockchain research firm Elliptic.

The attack drained the service, which enables crypto assets to be traded between the Harmony blockchain and other blockchains, of $100 million worth of crypto, including ether (ETH), tether (USDT) and wrapped bitcoin (wBTC) on the morning of June 24.

VolumeMuteUnmute

Over $67M in Crypto Lost to Hacks and Exploits in February: Immunefi Report

  • Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
    00:59
    Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
  • Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
    09:43
    Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
  • Breaking Down the State of Hacking in 2024
    02:01
    Breaking Down the State of Hacking in 2024
  • Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs
    00:59
    Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs

    • North Korean hackers have grown increasingly sophisticated; in 2021 they stole an estimated $400 million, mostly in ether. The total for 2022 has already far surpassed that figure.

    According to Elliptic, the attackers converted the stolen assets to 85,837 ETH following the hack and, beginning on June 27, began to send some of the ETH through Tornado Cash, a mixer commonly used to launder illegally obtained crypto. So far, approximately 35,000 ETH – 41% of the total funds stolen – have been sent to Tornado Cash.

    The Harmony Bridge hack is consistent with other hacks attributed to the Lazarus Group, including the $635 million Ronin Bridge hack in March, which was possibly the largest hack in the history of decentralized finance (DeFi).

    Elliptic’s analysis also highlights other factors in the Harmony Bridge hack that point to the Lazarus Group, including the automated deposits into Tornado Cash that mimic programmatic laundering of the Ronin Bridge funds, as well as the timing of the theft, which correlates with Asia-Pacific (APAC) nighttime hours.

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Cheyenne Ligon
    Cheyenne Ligon

    Cheyenne Ligon is a CoinDesk news reporter with a focus on crypto regulation and policy. She has no significant crypto holdings.

    Follow @cheyenneligon on Twitter

    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.