The Federal Bureau of Investigation (FBI) has confirmed Lazarus Group and APT38 as the culprits behind the June 2022 $100 million Harmony Bridge Hack.
A cyber group linked to North Korea had long been suspected of being behind the attack, but authorities had not previously confirmed its involvement.
In a January 23 statement, the FBI said that “through our investigation we were able to confirm that Lazarus Group and APT38, cyber actors linked to the DPRK, are responsible for stealing $100 million worth of virtual currency from Harmony’s Horizon bridge.”
The Harmony Bridge Hack in 2022 was the result of security holes in Harmony’s Horizon Ethereum bridge, which allowed the attackers to steal a number of assets stored in the bridge through 11 transactions.
The FBI also outlined that North Korean hackers began moving around $60 million worth of stolen funds through the Ethereum-based privacy protocol RAILGUN earlier this month. Blockchain sleuth ZachXBT previously pointed this out via Twitter on January 16.
Notably, according to CEO Changpeng Zhao, Binance also detected the hackers trying to launder funds through the Huobi crypto exchange and then immediately assisted Huobi in freezing and recovering the digital assets deposited by the hackers.
“On Friday, January 13, 2023, North Korean cyber actors used the RAILGUN privacy protocol to launder more than $60 million in Ethereum (ETH) stolen during a June 2022 heist,” the FBI said, adding that “some of these funds have been frozen in coordination with some virtual asset service providers. The remaining bitcoins were subsequently moved to the following addresses.”
The FBI said in a statement that its Cyber and Virtual Assets Unit, as well as the U.S. Attorney’s Office and the U.S. Department of Justice’s Crypto Unit, continue to “identify and disrupt North Korea’s theft and laundering of virtual currency that is used to support North Korea’s ballistic missile and weapons of mass destruction programs.”
The Lazarus Group is a well-known hacking syndicate that is said to have been involved in a number of key exploits in the crypto industry and was said to be behind the $600M Ronin Bridge hack in March last year.
In April 2022, the United States Department of the Treasury’s Office of Foreign Assets Control marked the group as such by updating its Specially Designated Nationals and Blocked Persons (SDN) list to include Lazarus Group after the hack.
That same month, the FBI and the Cybersecurity and Infrastructure Security Agency also issued warnings about North Korean state-sponsored cyber threats targeting blockchain companies in response to the Ronin Bridge hack.