The FBI announced on Monday that it had concluded that the North Korean hacker organization Lazarus Group was behind the $100 million hack of Harmony Protocol last June.
More than $60 million of ETH stolen during the heist was laundered on January 13th, six months after the incident. That allowed law enforcement agencies to confidently identify the Lazarus Group and APT38, another North Korean cyber group, as the architects of the crime.
The hackers used RAILGUN, a privacy protocol, in an attempt to obfuscate their transactions. Even so, some of the funds were later frozen and recovered by the exchange when the hackers tried to exchange them for Bitcoin. The unrecovered funds were then sent to 11 Ethereum addresses.
The FBI and its investigative partners will “continue to identify and stop the theft and laundering of North Korean virtual currency, used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs,” according to the announcement.
Immediately after the June Harmony hack, blockchain analysts tied the exploit to the Lazarus Group using a combination of on-chain intercepts and comparisons to previous hacks performed by the group. While the American government has previously been vocal about the threat posed by the Lazarus Group, it had not officially accused any entity of being responsible for the Harmony hack until today.
The hack targeted the cross-chain bridge connecting Harmony, a layer-1 blockchain, to Ethereum, Bitcoin, and the Binance Chain. The strategy echoes previous attacks associated with the Lazarus Group, including a massive $622 million hack last April of the Ronin Network, an Ethereum sidechain used by the play-to-earn crypto game Infinity Action.
Since 2017, North Korean hacker groups including Lazarus Group and APT38 have stolen approximately $1.2 billion worth of cryptocurrency, according to an Associated Press report.
“The FBI will continue to uncover and combat the DPRK’s use of prohibited activities—including cybercrimes and virtual currency theft—to generate revenue for the regime,” the announcement read.
Cyber groups affiliated with North Korea have also reportedly expanded their activities beyond hacking. At the end of December, a report argued that the Lazarus Group also pretends to be venture capitalists, potential employers and banks.
“The intrusion began with a large number of spearphishing messages sent to cryptocurrency company employees — often working in systems administration or software development / IT operations (DevOps) — on various communication platforms,” according to a federal cybersecurity alert issued last April. “The messages often impersonate recruitment efforts and offer high-paying jobs to persuade recipients to download cryptocurrency applications that contain malware.”
In response to these crypto-focused attacks, the American government has targeted coin mixing services: tools that allow users to obfuscate the public trail of cryptocurrency transactions. In August, the Ministry of Finance prohibited Ethereum coin mixer Tornado Cash and the many wallet addresses associated with the service, citing its use by the Lazarus Group to launder funds from previous hacks as justification for the move.
That step was widely criticized within the crypto community as illegal overreach that unnecessarily threatens user privacy. An ongoing lawsuit led by a non-profit crypto policy group, Coin Center, is challenging the ban.