The FBI has confirmed that the Lazarus Group and APT38, cyber actors associated with North Korea, are responsible for the theft of $100 million worth of virtual currency from Harmony’s Horizon bridge in June 2022.
The Harmony Bridge hack was the result of security holes in Harmony’s Horizon Ethereum bridge that allowed the cyber attackers to steal a number of assets stored in the bridge via 11 transactions.
The FBI also outlined that the North Korean hackers started shifting around $60 million worth of the stolen funds earlier this month via the Ethereum-based privacy protocol RAILGUN.
Blockchain sleuth ZachXBT had previously highlighted this via Twitter on Jan. 16. Binance also detected the hackers were trying to launder the funds through the Huobi crypto exchange, and promptly assisted in freezing and recovering the digital assets deposited by the hackers, according to CEO Changpeng Zhao.
In its statement, the FBI said its cyber and virtual assets units, as well as the U.S. Attorney’s Office and the U.S. Justice Department’s crypto unit, have continued “to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”
The Lazarus group is a well-known hacking syndicate that has reportedly had a hand in a number of key exploits in the crypto industry, and has been alleged to have been behind the $600 million Ronin Bridge hack from March last year.
In April, the United States Treasury Department Office of Foreign Assets Control included the Lazarus Group on its Specially Designated Nationals and Blocked Persons (SDN) list following the hack.
