North Korean hackers have become the primary suspects in last week's $100 million Horizon Bridge cryptocurrency robbery.
A new statement released this week by blockchain forensics firm Elliptic fingers the Lazarus Group, a hacking unit with ties to the Democratic People’s Republic of Korea, as the likely culprit behind the grand theft. The hack would be just one victory for the group among many: the FBI has attributed the massive $625 million Axie Infinity heist to Lazarus as well.
“Based on the nature of the hacking and subsequent laundering of stolen funds, there are strong indications that North Korea’s Lazarus Group may be responsible for this theft,” Elliptic said. “Although there is no single factor that proves Lazarus was involved, in combination they suggest group involvement.” Another cryptocurrency watchdog group, Chainalysis, agrees with Elliptic’s findings.
The latest hack, which took place late last week, involves California-based firm Harmony, which offers a “Horizon Bridge” that allows users to transfer crypto between different blockchains. Hackers reportedly targeted the usernames and passwords of Harmony employees for their initial breach. Harmony has since embarked on what it calls a “global manhunt” for the group responsible.
Horizon did not immediately respond to Gizmodo’s request for comment.
According to Elliptic, hackers have moved swiftly since last week to launder these assets. According to the report, the Horizon Bridge hacker sent nearly half (41%) of the stolen cryptocurrency assets through Tornado Cash, a mixer of the kind often referred to as a “scrambling” tool, used to disguise the funds.
This analysis was supported Thursday by Chainalysis, which helped Harmony investigate the theft. “The attack vector and the high speed of structured payments to a mixer are similar to previous attacks attributed to DPRK-linked actors,” Chainalysis said in a tweet.
In a statement on Wednesday, Harmony said it notified law enforcement to investigate the theft and has since begun searching for the culprits. The company gave the hackers what it describes as a final ultimatum: return the stolen funds now and keep $10 million for yourself.
“There is no honor among thieves,” Harmony wrote. “We’re offering you $10 million for information that will lead to the return of stolen funds.” The offer is valid until July 4, but voluntary recovery seems highly unlikely given Elliptic’s latest analysis, which shows the high rate at which hackers are laundering funds.
North Korea’s Long History of Digital Theft
While North Korea may lack basic internet, electricity, food and human rights, its state-supported hacking groups have a real knack for digital theft. In April, the FBI released a statement blaming North Korea’s Lazarus Group for a much larger cryptocurrency theft of $625 million from the Ronin blockchain. In this case, the hackers walked away with about 173,600 ether and 25.5 million USDC.
This is not necessarily a new trend. Earlier this year, the Department of Homeland Security issued a warning saying Lazarus Group has been involved in various forms of crypto theft since at least 2020.
“North Korea’s Lazarus Group actors have targeted various firms, assets and exchanges in the blockchain and cryptocurrency industry, using spearphishing campaigns and malware to steal the cryptocurrency,” the agency said. “These actors will continue to exploit the vulnerabilities of cryptocurrency tech firms, gaming companies and exchanges to raise and launder funds to support the North Korean regime.”
In total, the US Department of Justice estimates that Lazarus Group has allegedly earned over $1 billion in cryptocurrencies through hacking campaigns.
And while North Korea has recently focused its efforts on largely unregulated cryptocurrencies, it had experience with digital theft and sophisticated online heists long before crypto. The country’s hacking teams have also proven adept at launching devastating cyberattacks, and were reportedly responsible for the 2014 Sony leaks as well as the 2017 WannaCry ransomware epidemic.