RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Harmony

Company

Information Technology
Since 2018
Mountain View, California, United States


width=200px

Content

History

2023: $64M Cryptocurrency Stolen by Hackers

In mid-January 2023, information appeared that cybercriminals tried to launder cryptocurrency assets worth approximately $64 million. Crypto exchange security teams Binance Huobi have joined forces to discourage fraudulent activities.

According to an expert in the field of blockchain ZachXBT, we are talking about monetizing funds stolen as a result of hacking the cross-chain of the Harmony Bridge. It is assumed that the North Korean cybercriminal group Lazarus Group is behind this attack.

Hackers stole $64 million of cryptocurrency by hacking into popular blockchain system

According to ZachXBT, the attackers combined and placed digital assets on three different crypto exchanges (their names are not specified). A total of 41,000 ETHs were distributed (approximately $64.3 million at the exchange rate as of January 17, 2023).

According to the head of the Binance crypto exchange Changpeng Zhao, cybercriminals have already tried to use this platform to launder the stolen cryptocurrency. However, Binance stopped this activity by freezing the accounts of attackers. Now hackers have tried to use the Huobi platform. After Binance specialists discovered the corresponding activity, they contacted the Huobi cybersecurity team. Together, it was possible to freeze the accounts of cybercriminals and return 124 BTC (about $2.63 million at the exchange rate as of January 17, 2023).

The cross-chain hacking of the Harmony Bridge is one of the biggest attacks on cryptocurrency systems in 2022. According to the investigation, members of the Lazarus Group used employee credentials to hack the platform's security system. The hackers then deployed specialized software tools to move the stolen assets.[1]

2022: Asset theft totalling just under $100m

The attacker withdrew cryptocurrency assets Ethereum totaling just under $100 million from blockchain Harmony. This became known on June 28, 2022.

Harmony's main platform, Horizon Bridge, is a crosschain bridge that allows cryptocurrencies to be transferred between different blockchains. The attackers used it to withdraw 85837.3 ETH, which is approximately $99.3 million, to their wallet.

According to CertiK, which analyzed the incident, the attackers were able to access Horizon multi-signature wallets and withdraw funds.

File:Aquote1.png
On June 23, 2022, the bridge between the Harmony blockchain and Ethereum underwent serial operation, CertiK said in a publication. - We were able to identify 12 unauthorized transactions and three wallets belonging to the attacker. As part of these transactions, the attacker intercepted various tokens from the bridge, including ETH, USDC, WBTC, USDT, DAI, BUSD, AAG, FXS, SUSHI, AAVE, WETH and FRAX. Transactions were unequal in amounts, but their range ranged from $49.2 thousand to $41.2 million. The attacker managed to achieve this by somehow obtaining from the owner of the MultiSigWallet wallet a call to a direct confirmTransaction transaction... for direct output of a large number of tokens from the bridge to Harmony. The attacker focused all these funds on one main address.
File:Aquote2.png

Harmony noted that the attackers managed to compromise the private keys. At the same time, the company continues to assert that the keys were stored securely, in a twice encrypted form, and it was impossible to get access to them in plaintext from one specific machine.

File:Aquote1.png
The attacker managed to gain access and decrypt a number of keys, including those used before signing the unauthorized transaction, and seize assets in the form of BUSB, USDC, ETH and WBTC, Harmony said in a statement. - All these assets were then converted into ETH and at the end of June 2022 remain in the hacker's account on the Ethereum blockchain. At the time of the release of the news, the hacker did not take any measures to anonymize these assets.
File:Aquote2.png

The company also said that the speech about the compromise of the smart contract system or vulnerabilities in the Horizon platform itself and that the funds were stolen "on the side of Ethereum."

The company appointed an award of $1 million for the return of stolen assets and for technical information about the attack, promising also not to bring criminal charges in the event of the return of stolen goods.

File:Aquote1.png
The fact that the attacker did not try to anonymize the withdrawn funds may indicate the demonstrative nature of this attack, said Mikhail Zaytsev, an information security expert at SEQ. - And, it seems, Harmony also suspects that someone in made an unauthorized "penetration test" to demonstrate the ability to bypass existing blockchain security tools. Hence the promise of a major reward. But exactly so far nothing can be said[2].
File:Aquote2.png

Notes