Elliptic said the North Korean-linked hacker group Lazarus may have been behind the attack on the Horizon cross-chain bridge.

According to analysts, hackers have already sent 41% of stolen crypto assets to Tornado Cash for money laundering. At the time of writing, the attackers transferred more than 35,000 ETH to the mixer.

Prior to that, hackers brought the stolen assets to the Uniswap decentralized exchange and converted them into 85,837 ETH. Elliptic noted that this is a fairly common method of laundering stolen funds.

Analysts have identified several reasons why North Korean Lazarus is behind the attack.

They suggested that assets were regularly transferred to Tornado Cash and some sort of automated software was involved. Experts observed a similar system during the laundering of stolen funds during the attack on the Ronin sidechain. There are probably Lazarus hackers behind this as well.

The theft was accomplished by compromising the private keys of the multisig wallet, possibly through a social engineering attack against members of the Harmony team. Elliptic noted that such methods are frequently used by the Lazarus Group.

Also, analysts say the Lazarus Group frequently targets victims in the Asia-Pacific region. Many members of Harmony’s core team have connections to the region.

Recall that on June 24, the Harmony blockchain platform reported an attack on the Horizon cross-chain bridge, as a result of which the attackers stole about $ 100 million worth of assets. Later, the Harmony team offered a reward of $ 1 million for its return. stolen funds

US authorities have issued a warning about threats from North Korean hackers aiming to steal cryptocurrencies.

Read ForkLog bitcoin news in our Telegram – cryptocurrency news, courses and analysis.