North Korean Lazarus Group Moves $64M ETH From Harmony Hack


This weekend, the Lazarus Group has begun relocating their cryptocurrency from the Harmony Bridge breach.

On January 16, blockchain detective ‘ZachXBT’ revealed information about the transfers of big quantities of Ethereum. The crypto assets started with Tornado Cash and were routed through Railgun.

Railgun is a smart contract privacy platform that leverages zero-knowledge proofs to conceal transactions.

Around 41,000 ETH worth roughly $63.5 million was moved through Railgun before being deposited on three separate exchanges, according to the analyst who followed the moves through more than 350 addresses.

It was not stated which exchanges were used, but the analyst claimed that it is often removed from them fairly shortly.

Lazarus has gotten pretty good at transferring illicit cryptocurrency while avoiding being found by law enforcement. The Harmony Bridge assault in June 2022 was associated with the cyber collective. Elliptic, a company that does blockchain research, at the time provided a thorough report on the assault.

Harmony Bridge was breached on June 24 for around $100 million. Elliptic claimed to have employed “Tornado demixing capabilities” to follow the stolen money via Tornado and to other wallets.

The Lazarus Group has been implicated in a number of significant cryptocurrency heists worth more than $2 billion. It began concentrating on DeFi and cross-chain bridges in 2022 and was thought to be responsible for the $600 million Ronin Bridge assault.

A North Korean hacking outfit launched phishing attacks against Japanese crypto asset exchanges in October.