In mid-2022, attackers from North Korea got their hands on a massive amount of funds.
Reports confirm that the North Korean hackers attacked the Harmony Bridge in June 2022 and successfully withdrew a massive amount.
The Hackers Keep Moving the Funds
Since carrying out the hack, the hackers have kept a low profile and have not made any prominent moves. However, they have continued to move the stolen funds from time to time.
On January 28, the blockchain detective ZachXBT shared an update regarding the involvement of the perpetrators. The detective revealed that the hackers had moved a large sum of funds.
According to the investigator’s findings, the hackers moved a total of $27.18 million. They attempted to move the funds in the form of Ethereum.
ZachXBT confirmed that the attempt took place over the weekend.
Information about the Funds Movement
ZachXBT shared his findings about the transfers on Twitter. He said that the hackers did not transfer the funds to a single cryptocurrency exchange.
Instead, they transferred the funds to six different cryptocurrency exchanges. For now, he has not confirmed which exchanges received the Ethereum tokens.
ZachXBT has confirmed that three particular wallet addresses were behind the transactions worth $27.18 million.
Half the Funds Were Frozen
ZachXBT went on to confirm that the authorities did not let the transactions go through unchallenged. They were monitoring the transactions and took action against them right away.
They notified the respective cryptocurrency exchanges and had them freeze the funds. As a result, the exchanges were able to freeze half of the funds that were transferred by the hackers.
According to ZachXBT’s findings, in transferring the $27.18 million the hackers used a tactic similar to the one they had used to make a larger transaction.
On January 13, the hackers reportedly made a huge transaction. The transaction was tagged as money laundering activity and was for more than $60 million.
Funds Were Transferred after the FBI’s Announcement
According to other investigative sources, the hackers started to move the funds just a few days after the FBI shared its investigation report on the matter.
The Federal Bureau of Investigation (FBI) had been investigating the hack in depth. It wanted to establish who was behind the hack and to deal with the stolen funds as soon as possible.
The FBI confirmed that its investigation had made it clear that APT38 and the Lazarus Group were behind the hack. The hackers from these groups reportedly stole $100 million back in June 2022.
The FBI also issued a public statement confirming that its investigation had revealed that these groups were working in association with the DPRK.
These cyber actors were working together and were able to steal $100 million in cryptocurrencies. They attacked the Horizon Bridge of Harmony and stole a huge amount of funds.
Purpose of the Harmony Bridge
The Harmony Bridge facilitates transfers between multiple blockchain networks. Users on Bitcoin, Binance Chain, the Ethereum network, and the Harmony blockchain can use the platform.
They can transfer funds among themselves using the bridge facility the protocol offers.
The hackers attacked the bridge on June 23 and were able to steal the $100 million worth of cryptocurrencies that were in circulation.
In terms of digital currencies, the hackers were able to get their hands on a total of 85,700 ETH. Right after stealing the funds, the hackers used the crypto mixer Tornado Cash to hide their trail.
After carrying out the mixing, they went on to transfer the funds to more than one address to create confusion.