The North Korea-based hacking group Lazarus Group resorted to different privacy mixers in an attempt to anonymize the stolen funds, but it didn’t work. Cryptocurrency exchanges Binance and Huobi have again frozen accounts related to the $100 million Harmony Horizon bridge hack last June.
About $1.4 million worth of cryptocurrencies frozen by the trading platforms came from accounts linked to the notorious Lazarus Group operating out of North Korea.
The investigation was conducted by blockchain analytics firm Elliptic, according to a report the firm shared on Feb. 14. However, the company did not say which coins or tokens were frozen. Since the Harmony exploit, it has been well documented that Lazarus Group resorted to the now US OFAC-sanctioned privacy mixer, Tornado Cash, in an attempt to break the transaction trail back to the original theft. While this supposedly made it easier to cash out funds on exchanges, Elliptic investigators were able to trace the entirety of the stolen funds sent through the mixer in this case, the report said.
Elliptic CEO Simone Maini said the incidents demonstrate that the industry is taking on the responsibility of preventing money laundering and preventing cryptocurrencies from becoming a “safe haven” for illicit activity: “Today, money laundering was detected and stolen funds linked to North Korea were frozen, in real time. As an industry we have the power and responsibility to prevent digital assets becoming a haven for money launderers and sanctions evaders, and ensure that they are a force for good.”
On January 24, the FBI attributed the Harmony Bridge attack to the Lazarus Group.
This is not the first time Binance and Huobi have collaborated on the matter.
On January 16, the two platforms successfully froze and recovered 121 bitcoins, worth $2.5 million at the time, in connection with the Harmony attack. However, the recovered funds are only a fraction of the $63.5 million laundered that weekend, according to crypto sleuth ZachXBT, who claims the funds were funneled through the Ethereum-based privacy protocol Railgun and then sent to three different exchanges. Elliptic’s latest effort last week also found that the Lazarus Group laundered roughly $100 million in bitcoin through “Sinbad,” which they claim is a relaunch of the now OFAC-sanctioned privacy mixer Blender.
The Lazarus Group is believed to have stolen more than $2 billion in cryptocurrency since shifting focus to the industry in 2017, according to Elliptic estimates.


















