Over the weekend, North Korea-linked Lazarus Group laundered 17,000 ETH from the Harmony hack it conducted last year.
Lazarus Group, the hacking group associated with North Korea, has laundered 17,000 ETH from the Harmony bridge attack it executed last year. The transfers took place over the weekend, and the total sum exceeds $27 million.
Crypto market analysts and detective ZachXBT posted information about the funds’ movements on Jan. 29. He first noticed that Lazarus had moved 11,304 ETH, listing the main addresses involved.
The funds were sent to six exchanges, and ZachXBT noted 14 addresses that were linked to BTC withdrawals. Some exchanges have frozen the funds, though it’s unclear how much was frozen since the funds began moving.
It’s another move from a country that is known to target the crypto sector, with many believing that the funds go towards funding its nuclear missile program. Many analyses have linked the Lazarus Group to several attacks in the crypto market.
$63.5M From the Harmony Attack Moved Earlier This Month
This is the second time funds linked to the Lazarus Group have moved this month. In mid-January, the group moved $63.5 million from the same Harmony Bridge attack. That brings the total amount laundered this month to about $93.5 million.
If the group is keen to launder money, suggesting that North Korea is beefing up its treasury, more such fund transfers could occur. The group has carried out other attacks on the crypto market, and other such funds waiting for transfer could very well exist.
FBI: Lazarus Group Behind Harmony Hack
The FBI confirmed last week that the Lazarus Group was behind the Harmony bridge attack. At the time, Binance and Huobi managed to recover over 124 BTC. Cross-chain bridges have become a preferred choice for attacks, with this accounting for 50% of all DeFi exploits.
Perhaps the most significant attack that took place last year was the Ronin Bridge attack. The Lazarus Group also conducted this $600 million theft. It spurred DeFi companies to prioritize security, though it appears that attackers will still throw themselves at the DeFi market, searching for exploits.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.