MistTrack – a crypto monitoring and compliance platform – has revealed updates on its investigation of the Harmony bridge hack that compromised $100 million last June.
They discovered that the notorious North Korean hacking group, the Lazarus Group, is probably behind the theft.
The Movement of Funds
In a Twitter thread on Monday, MistTrack said Lazarus passed the stolen funds through a number of exchanges and blockchains while attempting to cover their on-chain tracks.
However, the platform found that many funds were transferred to exchanges including Huobi, Binance, and OKX. These funds were then “rapidly transformed to BTC” before being withdrawn from the exchanges.
Next, the BTC underwent “a number of multi-layer transfers,” before some of the funds were returned to exchanges. Meanwhile, others were bridged to Avalanche through a number of cross-chain exchanges for USDT and USDD – stablecoins pegged to the U.S. dollar.
Other funds were transferred to Ethereum, and then eventually to Tron, where the recipient addresses were related to a “USDT combined community.”
Blockchain Bridges
A bridge allows users to transfer assets that are otherwise native to one blockchain (e.g., BTC for Bitcoin; ETH for Ethereum) over to other chains. This is usually done by having users lock their tokens at a specific address on the source blockchain, while tokenized equivalents are minted in equal measure on the other chain.
Unfortunately, bridges have become popular targets for hackers, bearing witness to some of the most catastrophic crimes in DeFi history. One such theft was the Harmony bridge hack itself, which saw $100 million worth of ETH stolen in June.
Months prior, an independent researcher named “Ape Dev” on Twitter warned that Harmony could lose all of its funds if just two of the four private keys controlling the bridge’s wallet were compromised, potentially for up to $330 million.
Other major hacks last year included the $600 million+ Ronin bridge hack, which drained the entire Axie Infinity treasury. In this instance, five of nine keys controlling the bridge were compromised, allowing for over 170,000 ETH and 25 million USDC to be taken.
These funds were also stolen by the Lazarus Group, from whom just 5% of the funds have been recovered since.
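The lock-and-mint flow and the m-of-n key control described above (two of four keys, five of nine keys) can be modelled in a few lines. This is an added example, not code from the article or from any bridge project: the `ToyBridge` class, its method names and the demo keys are hypothetical, and HMAC tags stand in for validator signatures. It shows the checks a release path needs (distinct signers, exact-request binding, no replay) and a backing invariant a monitor can watch, since approvals from a threshold of keys release collateral whether or not wrapped tokens were burned.

```python
import hashlib
import hmac

class ToyBridge:
    """Lock-and-mint bridge whose vault is guarded by an m-of-n approval rule."""

    def __init__(self, signer_keys, threshold):
        if not 1 <= threshold <= len(signer_keys):
            raise ValueError("threshold must be between 1 and the signer count")
        self.keys = signer_keys      # assumption: HMAC keys stand in for private keys
        self.threshold = threshold
        self.locked = 0              # native tokens held at the source-chain address
        self.minted = 0              # tokenized equivalents on the other chain
        self.used_nonces = set()

    def lock_and_mint(self, amount):
        self.locked += amount        # deposit: each locked token ...
        self.minted += amount        # ... is matched by one minted token

    def _tag(self, signer, to, amount, nonce):
        msg = f"release|{to}|{amount}|{nonce}".encode()
        return hmac.new(self.keys[signer], msg, hashlib.sha256).digest()

    def approve(self, signer, to, amount, nonce):
        return signer, self._tag(signer, to, amount, nonce)

    def release(self, to, amount, nonce, approvals, burned):
        # Count distinct known signers with a valid tag over this exact request.
        valid = {s for s, tag in approvals if s in self.keys
                 and hmac.compare_digest(tag, self._tag(s, to, amount, nonce))}
        if len(valid) < self.threshold:
            return False             # not enough independent approvals
        if nonce in self.used_nonces or amount > self.locked:
            return False             # replayed request or overdraw
        self.used_nonces.add(nonce)
        self.locked -= amount
        self.minted -= burned        # an honest release burns the wrapped tokens
        return True

    def backed(self):
        # Monitoring invariant: wrapped supply never exceeds locked collateral.
        return self.locked >= self.minted

if __name__ == "__main__":
    keys = {f"v{i}": bytes([i + 1]) * 32 for i in range(4)}   # constructed demo keys
    bridge = ToyBridge(keys, threshold=2)                     # the 2-of-4 case
    bridge.lock_and_mint(100)
    ok = [bridge.approve(s, "alice", 40, 1) for s in ("v0", "v1")]
    print(bridge.release("alice", 40, 1, ok, burned=40), bridge.backed())
```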
Circle CEO Jeremy Allaire recently tweeted about an upcoming blockchain bridge for USDC. Unlike other bridges, this one will not contain a large honeypot targetable by hackers.