North Korean Hackers Tried to Launder $27M Worth of Stolen Crypto Through Mixers

The Lazarus Group, also known as APT38, reportedly shifted around 17278 ETH worth roughly $27.18 million to six exchanges throughout the weekend, as shown by on-chain data.

This past weekend, as the price of bitcoin came dangerously close to $24,000, hackers from North Korea were busily transferring some of Harmony's Horizon bridge assets.

Binance CEO Changpeng Zhao (CZ) stated that some exchanges are not collaborative in the fight against crime, which facilitates the liquidation of ETH to BTC. This statement was made even though several cryptocurrency exchanges promptly froze some funds.

The Lazarus Group, also known as APT38, reportedly (1) shifted around 17278 ETH worth roughly $27.18 million to six exchanges throughout the weekend, as shown by on-chain data provided by blockchain specialist ZachXBT.

According to the reports, APT38 succeeded in converting a portion of the $27 million worth of Ether into Bitcoin and was also able to withdraw the funds from the exchanges.

On January 28, 2023, the Lazarus Group laundered an additional 17,278 ETH by moving it via six exchanges. ZachXBT mentioned that the funds were exchanged for BTC and then withdrawn.

The Lazarus organization has been transferring the laundered money to several different locations to disguise its true identity behind many layers of cover.

However, Binance and Huobi are two cryptocurrency exchanges that notified Harmony's Horizon Bridge about the stolen funds by placing a freeze on those assets. This demonstrates the critical dependency between centralized exchanges and decentralized financial infrastructure platforms.

The Harmony Horizon Bridge Attack

The Horizon Bridge, which is part of Harmony, makes it easier to transfer assets across the Ethereum network, the Binance Chain, and Bitcoin. The Lazarus hacking organization took advantage of a security flaw in the multichain network and stole around one hundred million dollars in cryptocurrency.

The FBI has released new information indicating that the hacking gang known as Lazarus is entirely responsible for stealing one hundred million dollars from Harmony's Horizon Bridge on June 24, 2022.

According to reports, the funds that were taken are being used by the Lazarus organization to aid North Korea's government in developing ballistic missiles and weapons of mass destruction.

Even though the majority of the stolen funds have already been laundered, the blockchain has been updated to flag the stolen assets as high risk, to prevent them from ever generating liquidity.

In addition, numerous cryptocurrency exchanges have been making several efforts to liquidate, which has resulted in some of the funds being blocked.

"On January 13, 2023, North Korean cyber criminals utilized a privacy protocol known as RAILGUN to launder over sixty million dollars worth of Ethereum (ETH) that had been stolen during the theft that took place in June 2022."

According to the information provided (2) by the FBI, a part of the stolen Ethereum was then transferred to several virtual asset providers and converted to bitcoin (BTC).

Particularly noteworthy is the fact that the North Korean hackers masked their digital identities by using the Tornado Cash crypto mixer. As a consequence, the United States Treasury Department placed Tornado Cash under sanctions for providing support to North Korean hacker organizations.

According to the most recent information from Harmony One, about 64 thousand wallets were compromised in the hack that cost $100 million.