North Korea Behind $100M Harmony Theft, Say Researchers

Hack and Money Laundering Similar to Ronin Bridge Linked to Pyongyang
North Korea Behind $100M Harmony Theft, Say Researchers
An artist's representation of the Horizon bridge (Source: Harmony)

Hackers tied to cryptocurrency-hungry North Korea are likely responsible for last week's $100 million heist at Harmony, blockchain experts say.

See Also: Delving Deeper: 2023 Fraud Insights Second Edition

The secretive, hereditary communist monarchy fuels its nuclear weapons program with stolen cryptocurrency used to dodge international sanctions that prevent ready access to cash.

Researchers at blockchain analytics firm Elliptic say they’re following the stolen cryptocurrency from Harmony's hacked cross-chain Horizon bridge even as it goes through tumblers meant to obscure subsequent transactions (see: Horizon Offers $1M Bounty to Hackers Who Stole $100M).

Telltale signs from the hack and subsequent laundering are consistent with activities undertaken by the Pyongyang-sponsored Lazarus Group.

There's no smoking gun, but Elliptic says that the Lazarus Group is already implicated in several large cryptocurrency thefts and has recently turned its attention to decentralized financial instruments, including bridges that allow the transfers of cryptocurrencies across networks. North Korea is heavily suspected to be behind the more than $600 million Ronin bridge hack in March.

Other data points indicating North Korea include a similar programmatic laundering of funds as also seen in the Ronin hack and a cessation of activity consistent with nighttime in the Asia-Pacific region.

For its part, Harmony has upped an initial offer of $1 million and a promise not to seek criminal charges for the "no questions asked" return of the stolen currency to an offer of $10 million.

So far, Elliptic says that whoever was behind the Harmony Horizon hack has moved 41% of the stolen funds through the Tornado Cash tumbler.


About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.