While the crypto ecosystem as a whole is recovering thanks to the positive price trend, the notorious North Korean hacker group, Lazarus Group, is reportedly busy moving funds stolen from the Harmony Bridge last year. According to on-chain detective and self-proclaimed 2D detective ZachXBT, who spotted the activity, the hacker group used three different exchanges to move the stolen funds.
1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges.
– ZachXBT (@zachxbt) January 15, 2023
The Lazarus Group has a deep reputation in the ransomware world, and despite the high level of sophistication of crypto and blockchain platforms, it has wreaked havoc through hacks over the past two years. The Lazarus Group was indicted by the U.S. Treasury Department over the Axie Infinity Ronin Bridge exploit last year, which saw over $610 million moved from the gaming protocol.
According to ZachXBT, moving the funds stolen from Harmony Bridge was a complicated undertaking, and the Lazarus Group had to use as many as 350 Ethereum addresses. The ease of creating addresses in the crypto ecosystem appears to be one of the loopholes that regulators have pointed to in their efforts to keep tabs on the industry.
Lazarus Group and OFAC sanctions
Although Lazarus Group has remained highly engaged in its exploitative and cybercriminal activities, some of its dominant addresses have been placed under sanctions by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC).
OFAC’s sanctions against Lazarus Group are applied both directly and indirectly, the latter through the sanctioning of cryptocurrency mixing protocols, including Blender.io and Tornado Cash. While the regulator deemed the sanctions necessary, members of the crypto community reacted negatively to the sanctions against Tornado Cash, pointing out that it was inappropriate to sanction a piece of code based on its usage.