The FBI confirms that APT38 and the North Korean state-sponsored “Lazarus” hacking groups are responsible for the theft of $100 million worth of Ethereum from Harmony Horizon in June 2022.
Harmony Horizon is an Ethereum cross-chain bridge that was breached in June 2022. This breach allowed hackers to take control of the MultiSigWallet contract to send large amounts of tokens directly to addresses.
that explains the technical aspects of the attack. It also includes details about the attack’s flow and steps taken by threat actors to siphon millions.
The FBI confirmed yesterday that the attacks were carried out by two North Korean hackers, Lazarus (APT38) and .
APT38 and Lazarus hacking groups have been linked to the Democratic People’s Republic of Korea and have a history of taking cryptocurrency assets for the government.
According to the FBI, North Korean hackers have stolen and laundered virtual currency in order to fund their ballistic missile defense and weapons of mass destruction programs.
The FBI was able to link Lazarus to the heist because of last week’s laundering efforts by one threat group.
The hackers ($63.5 Million) via Railgun, before depositing funds at multiple addresses on three cryptocurrency exchanges.
These addresses are at least under the direct supervision of the Lazarus Group.
Some of the funds were converted to Bitcoin by the hackers. The FBI worked closely with virtual asset service providers to seize an unknown portion.
According to the FBI, the rest of the converted funds can be found at the following Bitcoin addresses.
that they had intercepted 124 BTC from Harmony Horizon. This was approximately $2.5 Million.
All accounts involved in laundering were also frozen.
Past Lazarus Attacks
North Korean hackers are known for targeting cryptocurrency companies in order to seize assets and fund their nation’s projects.
Lazarus started targeting crypto users with , and in order to steal victims’ wallets.
The U.S. Treasury and the FBI connected the Lazarus Group with of Ethereum and USDC tokens of the blockchain-based game Axie.
Later, it was revealed that hackers carried out this attack by sending an with a job offer for one of the Blockchain’s engineers.