The Harmony Bridge incident drained about $100 million after two addresses in a 2-of-5 multisig were compromised, allowing the attacker to move assets from the ETH, ERC20, BUSD and BSC bridge components. The source lists the compromised signer addresses, the main exploiter address, bridge contract addresses, and the movement of 13.1k ETH, 5.5M BUSD, 5k BNB and other assets into attacker-controlled wallets. The attack vector was unknown in the body, with speculation that hot-wallet private keys may have been exposed on servers. Lazarus is mentioned only as broader context around spearphishing threats to cryptocurrency projects after Ronin; the body does not attribute the Harmony theft to Lazarus.