Crypto tracker picks up trail of funds heisted from Harmony Bridge in June

Published at: Jan. 23, 2023

Crypto tracking platform MistTrack has followed funds taken in the Harmony bridge hack and made 350 addresses associated with the attack public. North Korea’s state-sponsored Lazarus Group is thought to be behind the hack. According to a Twitter thread posted on Jan. 23, the funds were transferred through various exchanges in an effort to elude trackers. 

Funds in a number of tokens worth about $100 million were stolen from the Harmony bridge on June 23, 2022, then quickly swapped for Bitcoin (BTC), according to MistTrack, and returned to the wallet they had originally been transferred to. The bridge facilitates transfer between Harmony and the Ethereum network, Binance Chain and Bitcoin. Harmony offered $1 million for the return of the funds, but the offer was not accepted.

Rather, the hackers, who were later identified as the North Korean Lazarus Group, ran 85,700 Ether (ETH) through the Tornado Cash mixer and deposited them at several addresses, where they remained until Jan. 13, when they were transferred to a Railgun, a privacy system on Ethereum that provides anonymization. From there, they were transferred to the addresses identified.

New Updates on the Harmony Bridge Hack On June 23rd of 2022, the Harmony bridge fell victim to a devastating attack that resulted in a loss of approximately $100 million. https://t.co/Rlcl8Jj0s2

— MistTrack️ (@MistTrack_io) January 23, 2023

Other funds were transferred to the Avalanche (AVAX) blockchain, where they were exchanged for Tether (USDT) or Tron’s USDD token and eventually deposited into addresses on the Ethereum and Tron networks.

Related: ‘Nobody is holding them back’ — North Korean cyber-attack threat rises

Some progress has been made on recovering the stolen funds. Binance CEO Changpeng Zhao (CZ) announced via Twitter on Jan. 15 that 121 BTC had been recovered from the Huobi exchange after Binance detected their presence there.

Harmony proposed minting new native ONE tokens to reimburse some of the 65,000 wallets that had suffered losses from the hack, but that idea proved unpopular and instead it announced a plan in September to reimburse the losses out of its treasury. In November, Harmony said it was adding seven coins from the compromised bridge that were unaffected by the hack to its new LayerZero bridge, thus making it possible for holders of the coins to move them off the network.

Additional reporting by Tom Blackstone.

Tags
Blockchain
Hacks
Related Posts
MicroStrategy's bottom line gets beefier on Bitcoin moves: Bad crypto news of the week
It’s been another strong week for Bitcoin. The dollar price is up about 2.5 percent over the week, although that’s still something of a decline from its recent high above $13,400. At one point, Bitcoin fell 4 percent in 24 hours. But bulls remain optimistic and see the price advancing towards $20,000, possibly as early as March. That future price movement will depend on a number of factors, including whether banks follow Paypal into cryptocurrency acceptance; the size of the stimulus expected to counter the new coronavirus outbreak; and the pattern of the hash rate, among other factors. One point …
Blockchain / Oct. 31, 2020
Unofficial Iranian Telegram Applications Leak Data of 42M Users
While Telegram isn’t giving up its ongoing legal battle with United States regulators to launch its TON blockchain project, some online perpetrators are taking advantage of the messenger’s popularity to expose millions of user records of third-party versions of Telegram app. Per an investigation by cybersecurity firm Comparitech and security researcher Bob Diachenko, at least 42 million Iranian “Telegram” usernames and phone numbers were leaked via unofficial Iranian-made versions of Telegram, while real Telegram is banned in the country. 42 million Iranians that are willing to use the banned messenger got their data exposed According to a March 30 report …
Blockchain / March 31, 2020
Finance Redefined: Alchemy raises $200M, Bunny goes DAO, Feb. 4–11
Welcome to the latest edition of Cointelegraph’s decentralized finance newsletter. As the DeFi space continues its technical resurgence, essential news on funding, innovation and DAOs continues to drive adoption in what remains a nascent industry. For the full version of this newsletter including longer, more descriptive analysis of the top stories this week, subscribe below: Alchemy raises $200M in latest funding, ACH token soars 77% Web3 platform Alchemy announced the launch of a $200-million Series C funding round this week, giving the company a decacorn status and a valuation of $10.2 billion. The seven-investor round was led by two California-based …
Decentralization / Feb. 12, 2022
BNB Chain confirms BSC halt due to 'potential exploit'
BNB Chain (BNB) the blockchain of cryptocurrency exchange Binance, was paused on Oct. 6 due to what it states is “irregular activity” on the network with the team having determined a potential exploit. The official Twitter account of the BNB Chain announced the temporary pause, soon after adding it had found a possible exploit. Binance provide an update that the blockchain was “under maintenance” suspending all deposits and withdrawals. To confirm, we have suspended BSC after having determined a potential exploit. All systems are now contained, and we are immediately investigating the potential vulnerability. We know the Community will assist …
Blockchain / Oct. 6, 2022
Main hacker in Transit Swap exploit agrees to return remaining funds
On Monday, decentralized finance (DeFi) protocol Transit Swap announced that it had reached an agreement with its biggest hacker for the return of funds. Approximately one week prior, a hacker exploited an internal bug on a swap contract within the protocol and caused other individuals to imitate the security breach, leading to a loss of over $23 million in user funds. However, the main hacker has since returned approximately 70% of exploited funds thanks to the help of security companies such as Peckshield, SlowMist, Bitrace, and TokenPocket. They quickly tracked down the hacker by identifying their IP address, email address, …
Blockchain / Oct. 10, 2022