Security teams at crypto exchanges Binance and Huobi worked together to freeze and recover 121 Bitcoin (BTC) from hackers behind the Harmony bridge exploit.
In a tweet, Binance CEO Changpeng Zhao announced that the hackers have tried to launder their funds through the Huobi exchange. After Binance detected this, they contacted and assisted Huobi in freezing and recovering the digital assets deposited by the hackers.
We detected Harmony One hacker fund movement. They previously tried to launder through Binance and we froze his accounts. This time he used Huobi. We assisted Huobi team to freeze his accounts. Together, 124 BTC have been recovered. CeFi helping to keep DeFi #SAFU!
— CZ Binance (@cz_binance) January 16, 2023
According to Zhao, the exchanges recovered a total of 121 BTC, estimated to be worth around $2.5 million at the time of writing.
Before Binance and Huobi detected and froze the funds, on-chain crypto detective, ZachXBT, highlighted that the hackers behind the exploit were moving 41,000 Ether (ETH), worth around $64 million, over the weekend.
1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges. pic.twitter.com/huDumaJeSh
— ZachXBT (@zachxbt) January 15, 2023
According to the crypto sleuth, the hackers consolidated and deposited the digital assets on three different crypto exchanges after moving the funds. However, the on-chain detective did not specify the names of the exchanges used by the exploiters.
On June 24, 2022, the Harmony team detected the exploit and reported $100 million in funds compromised. The hack highlighted concerns previously brought up by community members around some of the mutisig wallets securing the Horizon bridge.
On June 30, the Lazarus Group — an infamous North Korean hacking organization — was identified as a suspect behind the $100 million Harmony hack. Blockchain analysis firm Elliptic noted that the manner in which the hack was conducted was similar to other Lazarus Group attacks.
The Horizon bridge hack is one of the largest exploits and hacks in 2022. Analysts believe that the Lazarus Group targeted the employee login credentials to breach Harmony’s security system. The hackers then deployed laundering programs to move the stolen assets.