{"id":469156,"date":"2022-06-30T14:45:00","date_gmt":"2022-06-30T11:45:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/infamous-north-korean-hacker-group-identified-as-suspect-for-100m-harmony-attack\/"},"modified":"2022-06-30T14:45:00","modified_gmt":"2022-06-30T11:45:00","slug":"infamous-north-korean-hacker-group-identified-as-suspect-for-100m-harmony-attack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/infamous-north-korean-hacker-group-identified-as-suspect-for-100m-harmony-attack\/","title":{"rendered":"# Infamous North Korean hacker group identified as suspect for $100M Harmony attack"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2af5bdadaac\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2af5bdadaac\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/infamous-north-korean-hacker-group-identified-as-suspect-for-100m-harmony-attack\/#%E2%80%9D_Infamous_North_Korean_hacker_group_identified_as_suspect_for_100M_Harmony_attack_%E2%80%9C\" >&#8221; Infamous North Korean hacker group identified as suspect for $100M Harmony attack &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Infamous_North_Korean_hacker_group_identified_as_suspect_for_100M_Harmony_attack_%E2%80%9C\"><\/span>&#8221; Infamous North Korean hacker group identified as suspect for $100M Harmony attack &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDYvZTRiMmU2ODktMzI3Yi00ZWRmLWFmYmEtMjRlZDZmNTk2NTgxLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-2a0745c6>The Lazarus Group, a well-known North Korean hacking syndicate, has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol.\u00a0<\/p>\n<p>According to a new <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/hub.elliptic.co\/analysis\/the-100-million-horizon-hack-following-the-trail-through-tornado-cash-to-north-korea\/\">report<\/a> published today by blockchain analysis firm Elliptic, the manner in which Harmony\u2019s Horizon Bridge was hacked and the way stolen digital assets were consequently laundered bears a striking resemblance to other Lazarus Group attacks.<\/p>\n<blockquote><p>\u201cThere are strong indications that North Korea\u2019s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.\u201d<\/p><\/blockquote>\n<p>Additionally, Elliptic outlined exactly how the heist was executed, noting that The Lazarus Group targeted the login credentials of Harmony employees in the Asia Pacific region to breach the protocol\u2019s security system. After gaining control of the protocol, the hackers deployed automated laundering programs that moved the stolen assets late at night.<\/p>\n<p>Elliptic also noted that the hackers have already transferred over 40% of the $100 million to Tornado Mixer, an Ethereum-based \u201cmixing service\u201d that obscures transaction data and makes it extremely difficult for investigators to trace the movement of funds.<\/p>\n<p>Initially, the Harmony team offered up a $1 million bounty as an incentive for the hackers to return the funds. However, on June 29, Harmony <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/medium.com\/harmony-one\/harmonys-horizon-bridge-hack-1e8d283b6d66\">upped<\/a> the bounty to $10 million, and claimed that a full return of funds would cease the investigation and no further criminal charges would be pursued. <\/p>\n<p>The $600 million Ronin bridge hack, which occurred in April, has also been linked back to The Lazarus Group. Due to current market conditions, the value of the stolen Ether (ETH) has plummeted more than 60% down to $230 million.<\/p>\n<p>A recent report from Coinclub.com <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.prnewswire.com\/news-releases\/north-korea-heads-up-the-worlds-top-five-crypto-crime-locations-says-coincubcom-301577243.html\">indicates<\/a> that North Korea has deployed 7,000 full-time hackers to raise funds through cyberattacks, ransomware and crypto protocol hacks. North Korea is the world leader in cryptocurrency-related crime, with over 15 documented instances of cyber theft amounting to roughly $1.59 billion in stolen funds.<\/p>\n<p><em><strong>Related: <\/strong><strong>Harmony hacker sends stolen funds to Tornado Cash mixer<\/strong><\/em><\/p>\n<p>Harmony\u2019s Horizon Bridge is the latest addition to a growing list of token bridges that have been attacked, including Meter, Wormhole and Ronin, bringing the total amount of bridge token-related theft to a little over $1 billion in 2022 alone.<\/p>\n<p>The largest token bridge to be hacked was Poly Network in 2021, which lost $610 million that was almost entirely returned.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"markets_outlook\"><\/template>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/infamous-north-korean-hacker-group-identified-as-suspect-for-100m-harmony-attack\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Infamous North Korean hacker group identified as suspect for $100M Harmony attack &#8220; The Lazarus Group, a well-known North Korean hacking syndicate, has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol.\u00a0 According to a new report published today by blockchain analysis firm Elliptic,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":469157,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDYvZTRiMmU2ODktMzI3Yi00ZWRmLWFmYmEtMjRlZDZmNTk2NTgxLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74891,74882,70375,70944,27926,73240],"class_list":["post-469156","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-ethereum","tag-hacks","tag-cybersecurity","tag-hackers","tag-north-korea","tag-ransomware"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/469156","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=469156"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/469156\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/469157"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=469156"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=469156"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=469156"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}