Lazarus group, a north korea-linked cybercrime syndicate, was recently involved in a transfer of $63.4 million in ethereum from the harmony bridge hack that occurred in june 2022. the group used the railgun privacy and anonymity system to consolidate the funds and deposit them on exchanges. binance ceo changpeng “cz” zhao and huobi detected the funds’ movements and froze and recovered 124 bitcoin. the group was said to have used the now-sanctioned cryptocurrency mixer tornado cash.
Transfer of funds occurred on january 13th. 350,000 separate wallet addresses were used in the transfers. railgun is an ethereum-based smart contract system that allows users to obscure the nature of their crypto transactions, removing identifying information.
Attack on harmony is just a small portion of the overall number of funds the cybercrime syndicate has been implicated in stealing. lazarus was also implicated in the march 2022 attack on the ronin network, which was estimated to be worth about $622 million. the group was also tied to a scheme that impersonated venture capital companies to spread malware to various crypto-related firms. it is unknown what, if any, steps have been taken by okx, in response to the alleged criminal transfers.