North Korean Hackers Launder Staggering $27 Million in Ethereum from Recent Harmony Bridge Attack: Here’s What You Need to Know

North Korea
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Jaroslaw Adamowski
Author Categories
About Author

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
North Korea’s capital Pyongyang. Source: Adobe/Oleg Znamenskiy

Industry observers believe North Korean hackers, widely blamed for last year’s attack on cross-chain bridge provider Harmony, have recently finished laundering 17,278 ETH, valued at over $27 million.

Crypto hack investigator ZachXBT compiled data from a number of exchanges to come up with the figure, directing a shoutout “to the exchanges who responded quickly on a weekend so funds could be frozen”. The researcher also linked to a report containing more than 350 associated crypto addresses.

Later on Jan. 29, ZachXBT disclosed in a tweet that, to date, the researcher has “been able to map out 895 BTC in withdrawals to 14 addresses from the exchanges.”

Earlier this month, ZachXBT said that “North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges”. 

Railgun is an anonymizing tool which assigns certain levels of privacy protection to transactions.

The United States Federal Bureau of Investigation (FBI) has accused North Korean hackers of perpetrating the attack on Harmony. The Harmony Horizon bridge was compromised last June. The breach is attribute to two Pyongyang-backed groups of hackers, namely the Lazarus Group and APT38. 

In an announcement, the FBI said that, as it “continues to combat malicious cyber activity, including the threat posed by the Democratic People’s Republic of Korea (DPRK) to the U.S. and our private sector partners,” the investigation enabled the bureau “to confirm that the Lazarus Group (also known as APT38), cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge reported on June 24, 2022.”

In response to the discovered illicit activities of the hackers, Changpeng ‘CZ’ Zhao, the CEO of major crypto exchange Binance, tweeted that his company was able to retrieve some of the stolen crypto assets. 

“We detected Harmony One hacker fund movement. They previously tried to launder through Binance and we froze his accounts. This time he used Huobi. We assisted Huobi’s team to freeze his accounts. Together, 124 BTC have been recovered,” the exchange’s CEO said on Jan. 16. 

In addition to Binance and Huobi, the cybercriminals also attempted to use the crypto exchange OKX to launder the stolen crypto assets, according to data obtained by ZachXBT. 

More Articles

Price Analysis
Will Trump’s Tariffs Boost Bitcoin: Down 5% Again
Arslan Butt
Arslan Butt
2025-02-08 14:39:24
Price Analysis
Solana Struggles: Price Down Almost 15% in a Week – Is It Time to Buy?
Arslan Butt
Arslan Butt
2025-02-08 13:22:54
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors