Elliptic experts said that the attack on the Horizon cross-chain bridge may be behind the attack on the Horizon cross-chain bridge, the hacker group Lazarus associated with North Korea.
According to analysts, hackers have already sent 41% of stolen crypto assets to Tornado Cash for money laundering. At the time of writing the report, the attackers transferred more than 35,000 ETH to the mixer.
Before that, the hackers brought the stolen assets to the Uniswap decentralized exchange and converted them into 85,837 ETH. Elliptic noted that this is a fairly common method of laundering stolen funds.
Analysts have identified several reasons that indicate that the North Korean Lazarus was behind the hack.
They indicated that the assets were transferred to Tornado Cash with regularity, suggesting the involvement of some kind of automated software. Experts observed a similar system during the laundering of funds stolen during the attack on the Ronin sidechain. The Lazarus hackers are also believed to be behind it.
The theft was carried out by compromising the private keys to the multisig wallet, probably through a social engineering attack on members of the Harmony team. Such methods have often been used by the Lazarus Group, Elliptic noted.
In addition, the Lazarus Group often targets victims in the Asia-Pacific region, analysts say. Many members of the Harmony core team have connections with this region.
Recall that on June 24, the Harmony blockchain platform reported an attack on the Horizon cross-chain bridge, as a result of which the attackers stole assets worth about $ 100 million. Later, the Harmony team has offered a $1 million reward for the return of stolen funds.
The US authorities have issued a warning about the threats of North Korean hackers aimed at stealing cryptocurrencies.
Read the ForkLog bitcoin news on our Telegram – cryptocurrency news , courses and analytics.