Harmony Horizon Bridge

2022-03-29

Ronin Bridge (Axie Infinity) hacked for ~$540M by Lazarus Group, establishing a pattern of cross-chain bridge attacks attributed to North Korea.

2022-04-18

U.S. government issues joint advisory warning about the TraderTraitor malware campaign used by North Korean hackers targeting cryptocurrency organizations.

2022-06-23

Attackers begin draining Harmony Horizon Bridge at approximately 11:06 AM UTC using two compromised multisig private keys, executing 11 unauthorized outbound transactions.

2022-06-24

Harmony publicly discloses the breach, estimates losses at approximately $100 million, engages the FBI, and pauses the Horizon Bridge.

2022-06-30

Blockchain analytics firms including Elliptic and TechCrunch reporting links the attack to North Korea's Lazarus Group based on on-chain fund movement patterns.

2022-07-27

Harmony proposes minting new ONE tokens and executing a hard fork to reimburse hack victims; the proposal is met with strong community backlash.

2022-08-08

U.S. Treasury OFAC sanctions Tornado Cash, citing its use to launder proceeds from the Harmony hack and other Lazarus Group operations.

2023-01-13

North Korean cyber actors launder over $60 million in ETH from the Harmony theft through RAILGUN, a zero-knowledge proof privacy protocol; Elliptic reports 99.9% of RAILGUN deposits over a three-day window originated from Harmony hack proceeds.

2023-01-24

FBI formally confirms Lazarus Group (APT38) is responsible for the Harmony Horizon Bridge theft, stating stolen funds support DPRK ballistic missile and WMD programs.

2023-06-01

Recovery ONE Foundation continues reimbursement funding rounds for affected users, with some Aave-locked assets on Harmony chain remaining frozen over a year after the exploit.

2024-11-01

U.S. Fifth Circuit Court of Appeals reverses OFAC sanctions on Tornado Cash, finding the agency had overstepped its authority in sanctioning immutable smart contracts.