FBI Confirms Lazarus Group

The Federal Bureau of Investigation (FBI) has officially confirmed that the cyber-attacks on the cryptocurrency exchange Harmony Horizon, which resulted in the theft of $100 million worth of Ethereum, were orchestrated by the state-sponsored hacking groups Lazarus and APT38, based in North Korea.

This group is mainly associated with the Democratic People’s Republic of Korea (DPRK). In June 2022, the cross-chain bridge Harmony Horizon for Ethereum fell victim to a security breach. The hackers were able to gain control of a MultiSigWallet contract, and subsequently transferred large amounts of tokens to their own addresses.

For an in-depth analysis of the technicalities of the attack, Certik published a report outlining the attack’s progression and the methods used by the attackers to steal millions.

The FBI Los Angeles and FBI Charlotte, in collaboration with other law enforcement bodies, are working diligently to uncover and prevent North Korea’s illegal activities involving virtual currency. 

These funds are believed to have been used to finance the ballistic missile program and weapons of mass destruction. The other law enforcement bodies involved are:

  • The FBI’s Cyber Division
  • The United States Attorney’s Office for the Central District of California
  • The United States Attorney’s Office for the District of Columbia
  • The National Cryptocurrency Enforcement Team
  • The National Security Division’s Counterintelligence and Export Control Section
  • The FBI’s Virtual Assets Unit

Frozen Addresses

On the 13th of January, 2023, North Korean cyber criminals were found to have used a privacy protocol named RAILGUN to launder over $60 million worth of Ethereum (ETH) that was stolen during the June 2022 theft.

A portion of this stolen Ethereum was subsequently sent to several virtual asset service providers and converted into Bitcoin.

In coordination with some of the virtual asset service providers, a portion of these funds has been frozen. The remainder of the bitcoin has subsequently been moved to the addresses mentioned below:

The two major cryptocurrency exchanges Binance and Huobi managed to intercept $2.5 million worth of BTC (124 BTC) that was stolen from Harmony Horizon.

In addition, all accounts involved in the laundering activities were frozen as a precautionary measure.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.