Binance and Huobi Jointly Recovered $2.5M from Harmony One Hackers

Following the hacking of the Harmony bridge exploit, leading crypto exchanges Binance and Huobi have successfully intercepted the hackers leading to the recovery of 124 Bitcoin (BTC) estimated to be worth around $2.5 million.

We detected Harmony One hacker fund movement. They previously tried to launder through Binance and we froze his accounts. This time he used Huobi. We assisted Huobi team to freeze his accounts. Together, 124 BTC have been recovered. CeFi helping to keep DeFi #SAFU! 🙏

— CZ 🔶 Binance (@cz_binance) January 16, 2023

The stolen funds were intercepted and freezed by the security teams of both crypto exchanges following indications that the funds coming to the exchanges were proceeds of the Harmony exploit.

Few hours before the disclosure, on-chain crypto detective ZachXBT reported that the hackers North Korea’s Lazarus Group have moved $63.5 million from the Harmony bridge hack through Railgun and deposited it on three different exchanges.

1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges. pic.twitter.com/huDumaJeSh

— ZachXBT (@zachxbt) January 15, 2023

While Binance and Huobi were swift to intercept the hackers, it was gathered that only a portion of the funds were recovered in the course of the counter-attack.

It was established that the hackers successfully deposited and withdrew about 41k Ethereum (ETH) immediately.

Recall that the hackers seized the blockchain bridge platform Harmony on June 24, 2022, and successfully exploited over $100 million worth of cryptocurrencies due to vulnerabilities inherent in the blockchain bridges.

Reactions Trail Binance and Huobi’s Efforts

While the efforts of Binance and Huobi exchanges have been commendable in the swift interception of the hackers —Lazarus Group, a member of the crypto trading platform 3Commas, Coinmamba, criticized Binance CEO Changpeng Zhao (CZ) for not doing same when 3commas was attacked.

In reaction, CZ stated that he tried to assist in tracing the funds but the platform was only focused on how much Binance will compensate them immediately, and the absence of cooperation discouraged Binance.

However, Binance was urged to always share real-time information concerning hacks and exploits with other exchanges in order to clampdown on exploiters.

In view of the above, CZ maintained that it will continue to work with other cooperative exchanges except for those with the wrong competitive mindset.

More than any other time, the security system of Web3 crypto space should be strengthened and fortified.