key takeaways
- Harmony is offering a $10 million bounty to the attacker behind last week’s $100 million Horizon Bridge hack.
- According to Elliptic, the Lazarus Group may be responsible for the theft.
- The blockchain analytics firm said the manner in which the thefts took place was “in line with the activities of the Lazarus Group.”
Share this article
Elliptic said there were “strong indications” that North Korea’s Lazarus group was responsible for the attack.
Harmony offers $10M bounty
Harmony says it has begun a “global search” to find the culprit behind the June 24 attack that led to the disappearance of $100 million worth of digital assets from its cross-chain bridge, Horizon.
1/ Harmony has launched a global search for the criminal(s) who stole $100M from Horizon Bridge. All exchanges have been informed. The board which establishes law, @ChainalysisAnd @AnChainAI Conduct proactive investigations to identify responsible actors and recover stolen property.
— harmony (@harmonyprotocol) 30 June 2022
Posted by the team behind the Layer 1 blockchain Latest information on the incident on Twitter early Thursday, saying it had contacted law enforcement, Chainalysis, and AnChain.AI to help identify the attacker.
It also offered the attacker a final ultimatum, pledging to drop its investigation if the money was reduced to a $10 million reward (Harmony initially offered $1 million for a refund). ,Keep $10M and return the remaining stolen amount. In return, Harmony will close its investigation.” a tweet Reading. Goodwill is also offering $10 million for information that will lead to the safe return of funds.
The update also gave the attacker a 00:00 UTC deadline of July 5 to initiate communication.
Elliptical Blames Lazarus Group for $100M Attack
While the investigation is ongoing and no attackers have been confirmed, blockchain analytics firm Elliptic has claimed that the Lazarus Group may be responsible for the theft.
In a blog post on Wednesday, the firm said there are “strong indications” that a North Korean state-sponsored hacking group was behind the attack.
The post describes how the attacker has so far laundered around $39 million through Ethereum mixer Tornado Cash in order to hide his on-chain transaction history. Elliptic said it had used demixing techniques to locate the funds in several new wallets, noting that Lazarus may be responsible.depending on the nature of the hack and the subsequent laundering of the stolen funds.”
It said the nature of the theft and money laundering was “in line with the activities of the Lazarus Group” and pointed to the $550 million hack on Axi Infinity’s Ronin Bridge. The US Treasury Department and others blamed Lazarus for the Ronin attack in the aftermath of the incident.
The post further stated that the Harmony Bridge theft was carried out by compromising a multi-signature wallet, possibly through social engineering – a practice Lazarus has engaged in on several occasions in the past. It also revealed that the funds were laundered regularly with small deposits in a potentially automated process, similar to the $550 million that was stolen from Ronin after the attack. In addition, those responsible for the attack operated on Asia-Pacific hours, Elliptic said.
Disclosure: At the time of writing, the author of this article owns ETH and several other cryptocurrencies.