The FBI has accused two North Korean government hacking groups of carrying out last year’s $100 million crypto heist against a company that allows users to transfer cryptocurrency from one blockchain to another.
On Monday, the FBI announced that the Lazarus Group and APT38, two groups that both cybersecurity firms and government agencies have linked to the North Korean government, were responsible for hacking the Horizon Bridge, created by US-based company Harmony, in June 2022.
Quoting cybersecurity experts, Reuters reported last year that North Korea was likely the culprit in the hack, which exploited a vulnerability in the bridge to steal various cryptocurrency assets, such as Ethereum, Binance Coin, Tether, USD Coin, and Dai.
The FBI said that on January 13, North Korean hackers used RAILGUN, a cryptographic “privacy protocol,” to launder $60 million of stolen Ethereum from Harmony.
“Some of this stolen ethereum was then sent to several virtual asset service providers and converted into bitcoin (BTC),” the FBI said in its announcement. “Part of these funds have been frozen, in coordination with some of the virtual asset service providers.”
The FBI also released eleven cryptocurrency wallets to which the remaining $40 million in stolen bitcoin was transferred.
North Korea has long targeted cryptocurrency companies to raise money for the regime, which sees crypto as a way to evade international sanctions and fund its nuclear weapons program. Last year, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department published a review detailing North Korea’s activities targeting crypto companies.
According to South Korea’s National Intelligence Service, North Korea has stolen around $1.2 billion worth of crypto over the past five years, including $626 million in 2022 alone.
Harmony’s Horizon is a so-called blockchain bridge, also known as a cross-chain bridge: a tool that allows users to transfer digital assets from one blockchain to another, making blockchains created by different companies interoperable. Several of these bridges have serious vulnerabilities, making them a prime target for hackers.
“Blockchain bridges have become the low-hanging fruit for cybercriminals, with billions of dollars of crypto assets locked within them,” Tom Robinson, co-founder and chief scientist of blockchain analytics firm Elliptic, told CNBC last year. “These bridges have been hacked by hackers in a variety of ways, suggesting that their level of security has not kept pace with the value of the assets they hold.”
Chainalysis, another blockchain analytics company, estimated that around $1.4 billion was stolen from blockchain bridges last year.