North Korea’s Lazarus Group masterminded $100M Harmony hack: FBI confirms

The Federal Bureau of Investigation (FBI) has confirmed the Lazarus Group and APT38 as the culprits behind the $100 million Harmony Bridge Hack from June 2022.

The North Korea-linked cyber group had long been suspected of being behind the attack but their involvement hadn’t been confirmed by authorities until now.

According to a Jan. 23 statement, the FBI noted that “through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge.”

The Harmony Bridge hack in 2022 was the result of security holes in Harmony’s Horizon Ethereum bridge which allowed the cyber attackers to swipe a number of assets stored in the bridge via 11 transactions.

The FBI also outlined that the North Korean hackers started shifting around $60 million worth of the stolen funds earlier this month via the Ethereum-based privacy protocol RAILGUN. Blockchain sleuth ZachXBT previously highlighted such via Twitter on Jan. 16.

Notably, Binance also detected the hackers were trying to launder the funds through the Huobi crypto exchange, and then promptly assisted it in freezing and recovering the digital assets deposited by the hackers, according to CEO Changpeng Zhao.

“On Friday, January 13, 2023, North Korean cyber actors used RAILGUN, a privacy protocol, to launder over $60 million worth of Ethereum (ETH) stolen during the June 2022 heist,” the FBI stated, adding that “a portion of these funds were frozen, in coordination with some of the virtual asset service providers. The remaining bitcoin subsequently moved to the following addresses.”

In its statement, the FBI said its cyber and virtual assets units, as well as the U.S. Attorney’s Office and the U.S. Justice Department’s crypto unit, have continued “to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”

Related: Google Ads-delivered malware drains NFT influencer’s entire crypto wallet

The Lazarus group is a well known hacking syndicate that has reportedly had a hand in a number of key exploits in the crypto industry, and has alleged to have been behind the $600 million Ronin Bridge hack from March last year.

In April 2022, the United States Treasury Department Office of Foreign Assets Control indicated as such, by updating its Specially Designated Nationals and Blocked Persons (SDN) to include the Lazarus Group following the hack.

That same month, the FBI and Cybersecurity and Infrastructure Security Agency also fired off a warning alert concerning North Korean state-sponsored cyber threats that target blockchain companies in response to the Ronin Bridge hack.

All Dutch and English crypto news!

‘Haunts me to this day’ — Crypto project hacked for $4M in a hotel lobby

The co-founder of Web3 metaverse game engine "Webaverse" has revealed they were victims of a $4 million crypto h after meeting with scammers posing as...

Crypto firms could face 2 years jail for breaching UK advertising laws

Newly proposed advertising rules in the United Kingdom could potentially see executives of crypto firms face up to two years of prison for failing to...

Sam Bankman-Fried lawyers reach agreement on use of messaging apps

Sam Bankman-Fried's (SBF's) lawyers have reached an agreement with federal prosecutors concerning his use of messaging apps. According to a Feb. 6 court document, both parties...

Genesis entity going up for sale as DCG makes creditor pact

Genesis Global has announced it has reached an "agreement in principle" with Digital Currency Group (DCG) which will eventually see its crypto lending and trading...

Beste exchanges

Koop je crypto bij Bitvavo