North Korean hackers try to launder $27M in ETH from Harmony bridge attack

North Korean exploiters behind the Harmony bridge attack continue to attempt and wash the funds taken in June. According to on-chain data revealed on Jan. 28 by blockchain sleuth ZachXBT, over the weekend the wrongdoers moved 17,278 Ether (ETH), worth about $27 million.The tokens were transferred to six different crypto exchanges, ZachXBT wrote in a Twitter thread , without revealing which platforms had gotten the tokens. 3 main addresses carried out the transactions. According to ZachXBT, the exchanges were

alerted about the fund transfers and part of the stolen assets were frozen. The motions made by the exploiters to launder the money were extremely similar to those handled Jan. 13, when over$60 million was laundered, the crypto detective said. Who’s active rn? DPRK simply finished laundering

another$17.7 m+(

11304 ETH) from the Harmony Bridge hack.S/ o to the exchanges who reacted rapidly on a weekend
so funds could be frozen. pic.twitter.com/sUyUScHR4N!.?.!— ZachXBT(@zachxbt)January 29, 2023

The funds were moved a few days after the Federal Bureau of Investigation(FBI)verified that Lazarus Group and APT38 were the wrongdoers behind the$100 million hack. In a declaration, the FBI noted that”through our examination, we had the ability to validate that the Lazarus Group and APT38, cyber stars associated with the DPRK [North Korea], are responsible for the theft of$100 countless virtual currency from Harmony’s Horizon bridge.”Related:’Nobody is holding them back’– North Korean cyber-attack danger increases Harmony’s Horizon Bridge helps with transfer between Harmony and the Ethereum network, Binance Chain and Bitcoin. A number of tokens worth about $100 million were stolen from the platform on June 23. Following the exploit, 85,700 Ether was processed through the Tornado Cash mixer and transferred at several addresses. On Jan. 13, the hackers began moving around $60 million worth of the stolen funds through the Ethereum-based personal privacy procedure RAILGUN. According to an analysis from crypto tracking

platform MistTrack, 350 addresses have actually been associated with the attack through numerous exchanges in an attempt to avoid identification.Lazarus is a popular hacking syndicate that has been linked in a number of essential crypto industry breaches, including the $600 million Ronin Bridge hack last March.