The Harmony Bridge attackers, who stole $100 million worth of Ethereum (ETH) in June, are continuing to launder their loot. The hackers laundered $27.18 million of the stolen ETH over the weekend, according to on-chain sleuth ZachXBT.

Six exchanges received the laundered funds, the investigator reported. In addition, some of the stolen assets were frozen by the receiving exchanges, ZachXBT said.

Earlier this week, the Federal Bureau of Investigation (FBI) identified North Korean hacking organization Lazarus Group and its sub-unit APT38 as the culprits behind the Harmony Bridge attack. The North Korean government funds the Lazarus Group and associated organizations.

On Jan. 13, the hackers had laundered over $60 million of the stolen ETH, which helped the FBI identify the attackers. In addition, some of the stolen funds had been frozen by the FBI with the help of exchanges.

Azuki’s head of community, Dem, said malicious players compromised the official Twitter handle of the bluechip NFT project on Jan. 27.

Several project officials confirmed that the Twitter account was breached and urged the community not to click any link. A community manager Rose tweeted that there was still a fake website on Azuki’s Twitter bio as of press time.

Available information on the social media platform showed that the hackers posted two tweets with malicious links, promoting a fake virtual land mint.

Several blockchain security firms like Wallet Guard and crypto wallets like MetaMask, and Phantom Wallet blocked their users’ access to the phishing link.

The Block’s research director Steven Zheng tweeted that wallets connected to the hacker did not have a single stolen Azuki. Etherscan data shows that one of the wallets held 214 ETH ($343,000) as of press time.

Earlier in the week, Robinhood confirmed that its several social media accounts were used to promote an unassociated crypto token. Besides that, Moonbirds founder Kevin Rose lost NFTs worth millions to hackers who drained his wallet.

Robinhood confirmed that several of its social media accounts were breached earlier today in a statement emailed to CryptoSlate on Jan. 25.

A company representative said:

We’re aware of the unauthorized posts from Robinhood Twitter, Instagram, and Facebook profiles, which were all removed within minutes. At this time, based on our ongoing investigation, we believe the source of the incident was via a third party vendor.

The company did not state which vendor may have been responsible.

The unauthorized breach saw Robinhood’s official account promote a Binance Smart Chain-based token called $RBH. Though that token exists on-chain, it has no official relationship with Robinhood and appears to exist solely for use in today’s scam.

Although $RBH has no value itself, the address that appears to be responsible for the scam holds approximately 25.3 BNB ($7,750). Given that the account was created earlier today, it is likely that this amount was earned entirely through the Robinhood scam.

$RBH’s token contract indicates that just 61 addresses hold the fraudulent token.

Binance CEO Changpeng Zhao commented on the incident. He said that Binance has locked an account connected to the scam and is investigating the matter.

Robinhood allows users to trade and use cryptocurrency — including through its recently-launched self-custody wallet — but has not issued any crypto token of its own.