The Lazarus Group has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol.
According to reports by blockchain analysis firm Elliptic, the manner in which Harmony’s Horizon bridge was hacked and the way in which the stolen digital assets were subsequently laundered bear a striking resemblance to other Lazarus Group attacks.
Additionally, Elliptic outlined exactly how the heist was executed, noting that the Lazarus Group targeted the login credentials of Harmony employees in the Asia Pacific region to breach the protocol’s security system. After gaining control of the protocol, the hackers deployed automated laundering programs that moved the stolen assets late at night.
Elliptic also noted that the hackers have already transferred over 40% of the $100 million to Tornado Mixer, an Ethereum-based mixing service that obscures transaction data and makes it extremely difficult for investigators to trace the movement of funds.
Initially, the Harmony team offered up a $1 million bounty as an incentive for the hackers to return the funds. However, on June 29, Harmony upped the bounty to $10 million and claimed that a full return of funds would end the investigation and no further criminal charges would be pursued.