FBI confirms North Korean Lazarus Group was behind major Harmony crypto heist

Lazarus was observed laundering millions of stolen ether

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The FBI has confirmed that the infamous Lazarus Group, a threat actor believed to have strong ties to the North Korean government, was one of two entities behind the recent Harmony bridgecyberattack.

Harmony, which allows users to transfer cryptocurrency tokens between otherwise separate blockchains, was attacked in in June 2022. The then-unknown hackers managed to steal around $100 million by exploiting flaws in the protocol’s code, making off with a total of 85,867 Ether tokens, native to the Ethereum blockchain.

Now, the FBI says it has evidence that Lazarus Group, together with APT38, was behind the attack.

TechRadar Pro needs you!We want to build a better website for our readers, and we need your help! You can do your bit by filling outour surveyand telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Funding for missile programs

“FBI Los Angeles and FBI Charlotte—in coordination with the FBI’s Cyber Division, the United States Attorney’s Office for the Central District of California, the United States Attorney’s Office for the District of Columbia, the National Cryptocurrency Enforcement Team, and the FBI’s Virtual Assets Unit—continue to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs,” the FBI’s announcement says.

FBI says North Korean Lazarus group was behind huge crypto theft>Fake Crypto.com job offers targeting developers and artists to spread malware>These are the best firewalls right now

The law enforcement agency also said the group was observed using RAILGUN on January 13, to launder the stolen funds. RAILGUN is a privacy protocol that the group used to launder more than $60 million worth of Ether. A part of these funds were later sent to “several virtual asset service providers” and converted to bitcoin. The FBI later reached out to some of these service providers and managed to freeze a portion of these funds, it said.

The rest were sent to a number of bitcoin addresses.

Lazarus was also behind an attack on the Ronin bridge that took place earlier in 2022, where the group stole $625 million in various cryptocurrencies.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Thousands of employees could be falling victim to obvious phishing scams every month