Harmony Steps Up “Global Manhunt” For $100 Million Thief As Lazarus Group Accused

Key learning points

  • Harmony is offering a $10 million bounty to the attacker behind last week’s $100 million Horizon Bridge hack.
  • According to Elliptic, Lazarus Group may be responsible for the theft.
  • The blockchain analytics firm said the manner in which the theft was carried out was “consistent with the activities of the Lazarus Group”.

share this article

Elliptic has said there is “strong evidence” that North Korea’s Lazarus group is responsible for the attack.

Harmony offers $10 million bounty

Harmony says it has launched a “global manhunt” to find the culprit the attack of June 24 that saw $100 million in digital assets disappear from its cross-chain bridge, Horizon.

The team behind the Layer 1 blockchain has posted an update on the incident on Twitter early Thursday, saying it had reached out to law enforcement, Chainalysis and AnChain.AI to help identify the attacker.

It also offered the attacker a final ultimatum, promising to drop the investigation if the money was returned minus a $10 million bounty (Harmony initially offered $1 million for the return of the money). †Hold $10 million and return the remaining amount stolen. In return, Harmony will discontinue its investigation.” a tweet read. Harmony is also offering $10 million for information leading to a safe return of the funds.

The update also gave the attacker a deadline of 00:00 UTC on July 5 to initiate communications.

Elliptic Accuses Lazarus Group of $100 Million Attack

While the investigation is ongoing with no confirmation of the attacker, blockchain analytics firm Elliptic has claimed that Lazarus Group may be responsible for the theft.

In a wednesday blog postthe company said there is “strong evidence” that the North Korean state-sponsored hacking group was behind the attack.

The post noted how the attacker has so far laundered about $39 million of the loot through the Ethereum mixer Tornado Cash in an attempt to hide their transaction history in the chain. Elliptic said it had used unmixing techniques to trace the funds into some new portfolios, noting that Lazarus may be responsible.”based on the nature of the hack and subsequent laundering of the stolen money.”

It added that the nature of the theft and money laundering was “consistent with the activities of the Lazarus Group” and pointed out the $550 million hack on Axie Infinity’s Ronin Bridge. The United States Department of the Treasury and others blamed Lazarus for the Ronin attack in the aftermath of the incident.

The post went on to add that the Harmony bridge theft was carried out by compromising a multi-signature wallet, likely through social engineering — a practice Lazarus has practiced on multiple occasions in the past. It also pointed out that the money had been laundered with regular small deposits in a potentially automated process, similar to how the $550 million stolen from Ronin was laundered after the attack. In addition, those responsible for the attack on Asia-Pacific were operating for hours, Elliptic said.

Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.

share this article

Leave a Comment

Your email address will not be published.