FBI Confirms North Korea Is Behind $100 Million Harmony Hack

The FBI announced Monday it has concluded that North Korean hacker organization Lazarus Group was behind the $100 million hack of Harmony Protocol last June.

Over $60 million of ETH stolen during the heist was laundered on January 13, six months after the fact. That allowed the law enforcement agency to confidently identify the Lazarus Group and APT38—another North Korean cyber group—as the architects of the crime.

The hackers used RAILGUN, a privacy protocol, in an attempt to obscure their transactions. Even so, a portion of the funds was then frozen and recovered by exchanges when the hackers attempted to swap them for Bitcoin. Unrecovered funds were subsequently sent to 11 Ethereum addresses.

The FBI and its investigative partners will “continue to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs,” according to the announcement.

In the immediate aftermath of June’s Harmony hack, blockchain analysts tied the exploit to Lazarus Group using a combination of on-chain sleuthing and comparisons to previous hacks committed by the group. While the American government has previously been vocal about the threat posed by Lazarus Group, it did not formally accuse the entity of responsibility for the Harmony hack until today.

The hack targeted a cross-chain bridge connecting Harmony, a layer-1 blockchain, to Ethereum, Bitcoin, and Binance Chain. The strategy echoes previous attacks linked to Lazarus Group, including a massive $622 million hack last April of Ronin Network, an Ethereum sidechain used by play-to-earn crypto game Axie Infinity.

Since 2017, North Korean hacker groups including Lazarus Group and APT38 have stolen an estimated $1.2 billion worth of cryptocurrency, according to an Associated Press report.

“The FBI will continue to expose and combat the DPRK’s use of illicit activities—including cybercrime and virtual currency theft—to generate revenue for the regime,” the announcement read.

North Korea-affiliated cyber groups have also reportedly expanded their activities beyond hacks. In late December, a report argued that the Lazarus Group is also pretending to be venture capitalists, potential employers, and banks. 

“Intrusions begin with a large number of spearphishing messages sent to employees of cryptocurrency companies—often working in system administration or software development/IT operations (DevOps)—on a variety of communication platforms,” according to a federal cybersecurity alert issued last April. “The messages often mimic a recruitment effort and offer high-paying jobs to entice the recipients to download malware-laced cryptocurrency applications.”

In response to these crypto-focused attacks, the American government has targeted coin-mixing services: tools that allow users to obfuscate the otherwise public trails of cryptocurrency transactions. In August, the Treasury Department banned Ethereum coin mixer Tornado Cash and numerous wallet addresses associated with the service, citing its use by Lazarus Group to launder funds from previous hacks as justification for the action.

That move was widely condemned in the crypto community as an illegal overreach that unnecessarily threatened user privacy. An ongoing lawsuit helmed by crypto policy nonprofit Coin Center is challenging the ban.

Source: https://decrypt.co/119861/fbi-north-korea-lazarus-horizon-harmony-bridge-hack