Lazarus Group Suspected as Culprits for $100 Million Concord Bridge Hack
MistTrack – a crypto monitoring and compliance platform – has revealed updates on its investigation of the Concord bridge hack that compromised $100 million final June.
They discovered that the notorious North Korean hacking group, The Lazarus Group, are probably behind the theft.
The Motion of Funds
In a Twitter thread on Monday, MistTrack stated Lazarus handed the stolen funds via a number of exchanges and blockchains whereas making an attempt to cowl their on-chain tracks.
However, the platform found that many funds had been transferred to exchanges together with Huobi, Binance, and OKX. These funds had been then “shortly transformed to BTC” earlier than being withdrawn from the exchanges.
Subsequent, the BTC underwent “a number of multi-layer transfers,” earlier than among the funds had been returned to exchanges. In the meantime, others had been bridges to Avalanche via a number of cross-chain exchanges for USDT and USDD – stablecoins pegged to the U.S. greenback.
Different funds had been transferred to Ethereum, after which ultimately to Tron, the place the recipient addresses had been associated to a “USDT combined community.”
A bridge permits customers to switch belongings which might be in any other case native to 1 blockchain (ex. BTC for Bitcoin; ETH for Ethereum) over to different chains. That is often completed by having customers lock their tokens at a particular deal with on the supply blockchain, whereas tokenized equivalents are minted in equal measure on the opposite chain.
Sadly, bridges have grow to be widespread targets for hackers, bearing witness to among the most catastrophic crimes in DeFi historical past. One such theft was the Concord bridge hack itself, which noticed $100 million price of ETH stolen in June.
Months prior, an impartial researcher named “Ape Dev” on Twitter warned that Concord might lose all of its funds if simply two of the 4 personal keys controlling the bridge’s pockets had been compromised, probably for as much as $330 million.
Different terrific hacks final 12 months included the $600 million + Ronin bridge hack, which drained the complete Axie Infinity treasury. On this occasion, 5 of 9 keys controlling the bridge had been compromised, permitting for over 170,000 ETH and 25 million USDC to be taken.
These funds had been additionally stolen by the Lazarus group, from whom simply 5% of the funds have been recovered since.
Circle CEO Jeremy Allaire lately tweeted about an upcoming blockchain bridge for USDC. Not like different bridges, this one is not going to comprise a big honeypot targetable by hackers.
Binance Free $100 (Unique): Use this hyperlink to register and obtain $100 free and 10% off charges on Binance Futures first month (phrases).
PrimeXBT Particular Supply: Use this hyperlink to register & enter POTATO50 code to obtain as much as $7,000 in your deposits.