North Korea's Lazarus Group Is Likely Behind Blockchain Firm Harmony's $100 Million Theft
OpenSea's customers emails leaked to an outside party, Indian hackers have tried to steal documents in 35+ legal cases, GOP FCC Chairman asks Google and Apple to remove TikTok apps, much more
Metacurity is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
Blockchain forensics company Elliptic Enterprises said the state-backed North Korean Lazarus hacking group is likely behind the recent $100 million theft from California blockchain firm Harmony.
Elliptic said the hack bore similarities to the recent $600 million Ronin Bridge attack, attributed to Lazarus by the U.S. Treasury Department. The hackers targeted the username and password credentials of Harmony workers in the Asia Pacific region to break into Harmony’s blockchain bridge.
While using automated laundering services, hackers moved the funds during Asia Pacific nighttime hours. All of these are signatures of Lazarus’ attack methods. According to Elliptic, the hacker has already sent 41% of the $100 million to a Tornado Cash mixer, a service used to hide the transaction trail. (Margi Murphy / Bloomberg)
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.