Crypto exchanges Binance and Huobi have frozen accounts linked to a $100 million (£83m) hack carried out by Lazarus Group, a hacking group located in North Korea, in June 2022.
Close to $1.4 million (£1.17m) of crypto was frozen across both exchanges that were originally stolen last year in an attack on the Harmony Horizon cross-chain bridge.
The accounts were identified following an investigation by blockchain analytics firm Elliptic, according to a 14 February report from the company. It remains unclear what coins or tokens were frozen.
Elliptic said it warned Binance and Huobi of the accounts, which each exchange then swiftly took down:
“The stolen funds remained dormant until recently, when our investigators began to see them funneled through complex chains of transactions, to exchanges. By promptly notifying these platforms about these illicit deposits, they were able to suspend these accounts and freeze funds.”
The Lazarus Group used Tornado Cash, a decentralised crypto ‘tumbler’ that makes crypto assets harder to track, to obscure the trail leading back to its original theft from Harmony Horizon.
Tornado Cash was sanctioned by the United States Office of Foreign Assets Control (OFAC) in August 2022 after claims it had facilitated the laundering of $7 billion (£5.8bn) of stolen cryptocurrency.
Despite Lazarus Group’s attempts, Elliptic were able to trace all of the stolen funds sent through the tumbler to their new addresses.
Simone Maini, CEO at Elliptic, said its investigation demonstrates the crypto industry is against crypto becoming a “haven” for illicit activity:
“Today, money laundering was detected and stolen funds linked to North Korea were frozen, in real time. As an industry we have the power and responsibility to prevent digital assets becoming a haven for money launderers and sanctions evaders, and ensure that they are a force for good.”
The United States Federal Bureau of Investigation determined the Lazarus Group responsible for the Harmony bridge attack on 24 January.
A week prior, Binance and Huobi worked together to freeze and recover 121 Bitcoin linked to the Harmony attack.
Since Lazarus Group began focusing on cryptocurrency in 2017, the organisation has stolen more than $2 billion (£1.66bn) of crypto, according to Elliptic estimates.
Want to learn more about blockchain from industry leaders? Check out Blockchain Expo taking place in Amsterdam, California and London.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.