Theft of crypto and other forms of cyber espionage have been a key source of income for North Korean hackers, whose country of origin is in a chronic financial crisis and is virtually blocked off from the global market.
Since 2017, it is estimated that North Korean hackers have stolen cryptocurrencies worth $1.72 billion. Today, this figure would only balloon courtesy of their relentless pursuit of infiltrating more security defenses and cart away more money.
Lazarus Group and APT38, two hacking groups with ties to North Korea, were responsible for the theft of $100 million from U.S. crypto company Harmony’s Horizon bridge in June, the Federal Bureau of Investigation said on Monday.
Crypto Gone: The Usual Suspects
Horizon Bridge, a service that enables the trading of crypto assets between Harmony and other blockchains, was emptied of ether (ETH), tether (USDT), and wrapped in bitcoin (wBTC). Lazarus and APT38 are the most likely culprits.
In a statement issued on Monday, the FBI confirmed through their investigations that the Lazarus Group and APT38, DPRK-affiliated cyber attackers, “are responsible for the theft of $100 million in virtual currency from Harmony’s Horizon bridge.”
According to the FBI, North Korea uses virtual currency theft and laundering to fund its ballistic missile and weapons of mass destruction capabilities.
The Lazarus Group. Image: BBC
In June, Reuters cited three digital investigation firms in claiming that North Korean hackers were responsible for the attack on Harmony.
News and media outlet Aljazeera claims the hackers tried to hide their financial dealings by employing the privacy protocol Railgun.
In spite of this, a part of the money were subsequently blocked and retrieved by exchanges when the hackers attempted to convert them for Bitcoin. The unrecovered cash were then transmitted to 11 Ethereum addresses.
North Korean Hackers Strike
Multiple operations have been conducted by the North Korean hackers Lazarus Group over the years, with the majority involving disruption, sabotage, money theft, or espionage.
Lazarus has been a functioning cyber collective since 2009. In 2014, the cybercriminal group hacked Sony Pictures Entertainment, causing approximately $35 million in IT repairs and a huge reputational blow.
Authorities in South Korea estimate that at least 892 foreign policy professionals in the country have been targeted by these North Korean hackers. Since April 2022, the focus has been on members of think tanks and academia.
Crypto total market cap reclaims the $1 trillion level on the daily chart | Chart: TradingView.com
Lazarus was allegedly involved in a number of significant crypto industry breaches, including the $600 million Ronin Bridge hack from March of last year.
The FBI stated that it will continue to uncover and fight the North Korean hackers and their exploitation of illegal activities to generate cash for the dictatorship, including cybercrime and virtual currency theft.
The United States and United Nations authorities have accused North Korea, headed by the third-generation dictator Kim Jong Un, of spearheading an expanding effort of cyber theft to bankroll its activities, including the development of long-range ballistic missiles and nuclear weapons
Featured image from Time