The FBI just confirmed the identity of the hackers behind the Harmony blockchain hack. Partnering with platforms like Binance, the authorities tracked down a group of hackers who learned to steal cryptocurrencies…
Last June, the catwalk of the Blockchain Harmony has been hacked. This bridge, soberly called the Horizon Bridge, was completely taken over thanks to a security breach. The hackers got away with $100 million. These cryptocurrencies passed through the gateway to be transferred to another blockchain, such as Ethereum or the Binance Smart Chain. The hackers stole a dozen different cryptoassets before converting them into Ether through a decentralized platform, Uniswap.
Also Read: First Hack After The Merge, Is Ether Cryptocurrency in Danger?
Another hit by North Korean pirates
After several months of investigation, the FBI he was able to trace the pirates behind the attack. According to American authorities, they are North Korean hackers from Lazarus group (also known as APT38) who orchestrated the entire operation. Shortly after the attack, several elements already pointed to the henchmen of the North Korean regime. A few days after the events, the experts of the analysis company Elliptic had in fact already raised suspicions about hackers in the pay of Kim Jong-Un.
This is not the only cryptocurrency hack in Pyongyang’s hacker track record. An FBI investigation was able to confirm that Lazarus’ hackers also staged it the attack on the Ronin Network, which resulted in the theft of $624 million. This is the largest decentralized finance hack ever recorded. Again the hackers exploited a breach in the functioning of the bridge between the blockchains.
These hackers, commissioned by the North Korean government, have become accustomed to attacking the most fragile infrastructures of decentralized finance. For Chainalysis, the blockchain analytics firm, over $1.2 billion have been stolen from Lazarus by crypto services since 2017. The stolen funds are used to finance North Korea’s activities, including military ones.
How did the FBI recover some of the stolen cryptocurrencies?
Lazarus hackers have not touched the stolen cryptocurrencies for several months. After a whirlwind stint on Uniswap, funds remained stored at a multitude of addresses on the Ethereum blockchain. Finally Kim Yong-Un’s foot soldiers moved some of their loot, or $60 million in Ether, to Railgun, a service that makes transactions anonymous. As the FBI points out, they were trying to launder the funds they recovered last year.
Laundered via Railgun, digital currencies were sent to digital wallets linked to Binance, Huobi and OKX accounts. More than 300 different addresses were used in order not to arouse suspicion. On these platforms, ether was converted into Bitcoin. By this point, the hackers hoped they had covered their tracks and deceived the authorities.
Unfortunately for Lazarus, the FBI was able to trace the transfers thanks to the cooperation of the exchanges. At the request of law enforcement, the platforms have froze some of the identified accounts. For example, Binance recovered one hundred bitcoins in the deal. Before any companies could act, Kim Yong-Un’s hackers transferred the remaining funds to around ten addresses on the blockchain. These are now being targeted by the FBI.
Last year, the cryptocurrency world suffered a series of serious attacks. Within a year, 3.6 billion dollars were stolen by hackers. The annual loot amount of criminals is +47.4% compared to 2021despite the collapse of the cryptocurrency market.
Source :
FBI