Security teams at cryptocurrency exchanges Binance and Huobi worked together to freeze and recover 121 Bitcoins (BTC) from the hackers behind the Harmony Bridge exploit.
In a tweet, Binance CEO Changpeng Zhao announced that hackers attempted to launder his funds through Huobi exchange. After Binance discovered this, they contacted and helped Huobi freeze and recover the digital assets deposited by the hackers.
We have detected money movement from the Harmony One hackers. They have already tried to launder money through Binance and we have frozen their accounts. This time I use q Huobi. We have helped the Huobi team to freeze their accounts. All together, 124 BTC has been recovered. CeFi helps sustain DeFi #Safu!
– CZ Binance (cz_binance) January 16, 2023
According to Zhao, the exchange has recovered a total of 124 BTC, estimated to be around $2.5 million at the time of writing.
Before Binance and Huobi discovered and froze the funds, cryptocurrency investigator ZachXBT highlighted that the hackers behind the exploit were moving 41,000 ether (ETH), worth around $64 million, over the weekend.
1/2 North Korea-based Lazarus Group had a very busy weekend moving $63.5 million (~41,000 ETH) from the Harmony Bridge hack via Railgun before merging funds and depositing to three different exchanges. pic.twitter.com/huDumaJeSh
– ZachXBT (@zachxbt) January 15, 2023
According to the cryptoanalyst, the hackers consolidated the digital assets and deposited them on three different crypto exchanges after transferring the funds. However, the on-chain investigator did not specify the names of the exchanges used by the scalpers.
On June 24, 2022, Team Harmony discovered the exploit and reported $100 million in compromised funds. The hack highlighted concerns previously raised by community members about some of the mod wallets protecting the Horizon Bridge.
On June 30, the Lazarus Group – a notorious North Korean hacking organization – was identified as the suspect behind the $100 million Harmony hack. Blockchain analytics firm Elliptic noted that the manner in which the hack was carried out was similar to other Lazarus Group attacks.
The Horizon bridge hack is one of the biggest breaches and breaches of 2022. Analysts believe that Lazarus Group targeted employee login credentials to breach the Harmony security system. The hackers then deployed laundering programs to move the stolen assets.