State-affiliated hacker group Lazarus is allegedly connected to the US$100 million hack on Harmony Protocol’s Horizon cross-chain bridge, blockchain analytics firm Elliptic said.

See related article: Horizon’s US$100 mln crypto hack prompts FBI investigation

Fast facts

  • The attack on Harmony resembled previous hacks attributed to the Lazarus Group, such as exploiting multi-signature wallet keys, extensive use of Tornado Cash, a service that makes it harder to trace crypto, and preying on decentralized finance (DeFi) services in the Asia Pacific (APAC) region, Elliptic said.
  • Harmony Protocol is a project based in California but its core team members have ties to the APAC region. 
  • More than US$100 million worth of crypto was drained from Horizon Bridge, Harmony said on its verified Twitter handle on the morning of June 24, Asia time. 
  • Since June 27, the hacker has moved at least US$39 million in Ether to Tornado Cash, according to the blockchain analytics firm.
  • In April, the U.S. Treasury said North Korea-backed Lazarus Group was behind the US$622 million hack of the Ronin sidechain, on which runs the popular blockchain game Axie Infinity.
  • In May, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned virtual currency mixer (Blender) for allegedly helping North Korea hide crypto theft proceeds.

See related article: US Treasury says prioritize sanctioning North Korea for crypto hacking