HQ/EMEAFind out how we can help your business
The Federal Bureau of Investigations confirmed that a couple of North Korea-backed hacking groups were the culprit behind the heist of about $100 million worth of Ethereum from Harmony Horizon last year.
Harmony Horizon is a cross-chain vector for Ethereum that experienced a cybersecurity incident in June last year. The breach allowed the attackers to control the MultiSigWallet contract and use it to transfer tokens to their addresses.
Earlier this week, the federal law enforcement agency confirmed that the Lazarus and APT28 North Korean hacking groups were the threat groups that infiltrated Harmony Horizon.
FBI’s investigation concluded that the DPRK groups are responsible for the stolen funds from Harmony Horizon.
Lazarus and APT28 have a reputation for stealing crypto assets to aid their country’s interest, which made sense as they have already acquired several crypto funds in the past few years.
Based on reports, these North Korean hacking groups commonly steal and launder virtual currency in their cybercriminal operators to support North Korea’s programs in creating military weapons like ballistic missiles.
In this incident, the federal law enforcement organisation used the earlier mentioned idea to link the Lazarus group in a recent laundering transaction last week.
The attackers tried to transfer 41,000 ETH (approximately $64 million) via Railgun before depositing the funds to several addresses in three crypt exchanges earlier this month.
Researchers believe the Lazarus group controls at least 350 addresses in multiple crypto exchange services. The North Korean hackers have already converted some of the ETH funds to BTC, allowing the FBI to seize an undefined portion by cooperating with virtual asset service providers.
The FBI stated that the remaining converted crypto funds are now kept to several Bitcoin addresses.
On the other hand, Binance announced that they managed to confiscate 124 BTC stolen from Harmony Horizon. Currently, 124 BTC amounts to about $2.5 million. All accounts involved in the laundering incidents are now frozen.
