- In collaboration with the US Attorney’s Office, the FBI revealed that North Korea’s Lazarus Group was behind the $100 million Harmony Horizon hack in 2022.
- The press release also highlights other shocking thefts by the infamous cybercriminals.
- Lazarus Group reportedly channels stolen funds to its country to build weapons of mass destruction.
The Federal Bureau of Investigation (FBI) has verified that the cyber attack against Harmony Bridge was perpetrated by the notorious North Korean group of cybercriminals known as the ‘Lazarus Group.’
In June 2022, a US crypto project, Harmony Horizon Bridge, lost $100 million to the infamous North Korea-linked cybercriminals who have been terrorizing the crypto industry. The Lazarus Group (APT38) had been the suspect ever since the hack. However, the US authorities had no concrete evidence pointing to these criminals until now.
The Federal Bureau of Investigation (FBI) published a press release on January 23, confirming that the suspected criminals in the Harmony bridge hack were the DPRK’s notorious cybercriminals.
“Through our investigation, we were able to confirm that cyber actors known as Lazarus Group or APT38 were responsible for the theft of $100 million of virtual currency from Harmony Horizon bridge,” the report reads.
The FBI stated that it had been actively working towards recognizing and disrupting the DPRK’s crypto hacks and theft as it recalled an incident that occurred on January 13.
According to the FBI, North Korean cyber criminals laundered over $60 million worth of ETH using a privacy protocol, RAILGUN. The FBI also mentioned that these funds being laundered were stolen in June 2022. A large share of them was sent to various digital assets service providers where the cyber actors could convert the stolen ETH into Bitcoin (BTC).
On-chain sleuth, ZachXBT, announced this incident on Twitter, revealing the wallet addresses associated with the illicit transactions. At the same time, Binance, one of the cryptocurrency exchanges which received funds transferred by Lazarus Group, reported that it froze the transaction.
“We detected Harmony One hacker funds movement. They previously tried to launder through Binance, and we froze his accounts,” the CEO of Binance, Changpeng Zhao, tweeted.
CZ also mentioned in his tweet that Binance had collaborated with the Huobi team to freeze the stolen goods and collectively recovered 124 BTC.
The FBI Cyber Division, the US Attorney’s Office, and the other partners working on the Harmony Horizon bridge case believed that the North Korean cyber actors were laundering the stolen virtual currencies to support the DPRK’s military equipment, such as ballistic missiles, and its Weapons of Mass Destruction (WMD) programs.
A brief history of Lazarus Group
Lazarus Group (APT38) is a North Korea-based group of cybercriminals with an unknown number of members. The group is allegedly run by the government of North Korea and has carried out multiple cyber attacks, most of them targeting South Korea and the USA.
The FBI has reasons to believe that the malicious criminal group is being sponsored by the DPRK (Democratic People’s Republic of Korea) government because the criminals support and sponsor the country’s military weapons by giving the stolen funds to the government.
There have been many reported attacks by the Lazarus Group, dating back to 2009, when the cyber actors launched an attack against the South Korean government in Seoul. In that campaign, known as “Operation Troy,” the cybercriminals used a DDoS (Distributed Denial of Service) attack on the South Korean government.
Lazarus Group hacks Harmony Horizon
In June 2022, the Harmony Horizon bridge was exploited for $100 million in altcoins which were later swapped for ETH. Harmony took to Twitter to announce the news.
“The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100m,”
According to a recent update by the FBI, the mastermind said to be behind last year’s attack was the Lazarus Group. The Lazarus Group is a notorious cybercriminal group that is well-known for participating in the $600 million Ronin exploit.
The $600 million theft became one of the largest hacks in the crypto industry as the attackers targeted Ronin, a blockchain for the popular online game Axie Infinity. Ronin announced that the hackers gained control of the network and made away with 173,600 ethers (ETH) worth $600 million. The hackers also withdrew $25.5 million USDC.
The Federal Bureau of Investigation (FBI) published a press release confirming that the infamous cybercriminal group, Lazarus Group, was behind the $100 million hack on Harmony Horizon’s bridge last year, further verifying the suspicions that the malicious group was laundering stolen funds to sponsor its country’s military weapons.