Over the weekend, on-chain analysts detected large movements from wallets tied to suspected North Korean hackers that stole about $100 million in crypto from Horizon in June last year.
Horizon is a bridge that connects Ethereum to the Harmony blockchain. At the time, the money was laundered via Tornado Cash, a popular crypto mixer, and spread among many wallets. Blockchain forensic firms Elliptic and Chainalysis traced the Harmony hackers to Lazarus — a well-known North Korean hacking group associated with the country's regime.
Over 200 days later, the hackers attempted to launder a large sum of portion of the stolen funds — yet again to evade getting caught.
ZachXBT, a pseudonymous on-chain sleuth for cryptocurrency transactions, and security firm SlowMist were the first to detect suspicious activity involving wallets associated with the hackers.
The hackers transferred 41,000 ETH ($63.5 million) through over 350 different addresses in the past few days, said ZachXBT, who aggregated on-chain data and identified these suspicious transactions.
On Jan. 13, hackers started moving these funds to Railgun, a privacy-focused exchange built directly on the Ethereum blockchain that acts as a mixer, making transactions hard to trace. Such protocols can often be infallible especially when there’s large amounts of funds moving through them in identifiable patterns or clusters of transactions.
ZachXBT found that after Railgun, the funds were consolidated into specific addresses, and moved to three exchanges: Huobi, Binance and OKX, likely in an attempt to convert the assets into fiat money.
At least one centralized exchange has frozen a portion of these assets. Binance CEO Changpeng Zhao said his team was able to seize 124 bitcoin ($2.6 million). The details of how much was transferred to each exchange and how much the hackers were able to successfully launder assets through them remain unclear, ZachXBT noted.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.