The Harmony Bridge moved 463.82 Wrapped Ethereum (WETH) — worth roughly $726,000 — of stolen funds into “0xA60C37d8362F6adf61317Bf6306A52d8087127Da” on Feb. 3.
The new wallet received 463.82 WETH across five transactions and has remained dormant — without inflows or outflows for roughly an hour as of press time.
Harmony Bridge stolen funds on the move (Source: Etherscan)
Blockchain investigator ZachXBT tweeted about the shift in stolen funds, including a detailed mapping of the funds’ movement through numerous wallets.
Source: ZachXBT
The case so far
On Jan. 23, the Federal Bureau of Investigation (FBI) confirmed that the North Korean Lazarus Group was responsible for the 2022 attack on Harmony’s Horizon Protocol.
The FBI said that Lazarus Group and its associated groups were sponsored by the North Korean government and that the FBI were working to recover the stolen crypto.
On Jan. 31, on-chain analysis revealed that the hacker was attempting to move some of the illicit funds using exchanges and the smart contract “Zero Knowledge Proof” system Railgun.
Funds moved through at least two exchange — Binance and Huobi — were frozen. Binance assisted in recovering 124 Bitcoin (BTC) — worth $2.58 million — when the hacker attempted to launder the stolen funds on the exchange.