FBI confirms Lazarus Group and APT38 were responsible for $100 million bridge hack
The FBI confirmed Monday that Lazarus Group and APT38 were behind a $100 million heist on proof-of-stake blockchain platform Harmony last June, and that they attempted to launder the money through the RAILGUN privacy protocol.
The FBI said Lazarus Group and APT38, cyber actors associated with North Korea, committed the theft of $100 million of virtual currency from Harmony’s Horizon bridge reported on June 24. The hack was associated with a malware campaign called “TraderTraitor” that was led by the Democratic People’s Republic of Korea, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).
Portions of some $60 million worth of ETH that the hackers routed via RAILGUN, a privacy exchange, “were frozen, in coordination with some of the virtual asset service providers,” according to the agency.
The DPRK uses funds it acquires from hacks like this to fund its ballistic missile and weapons of mass destruction programs, the FBI said. Lazarus Group was connected to the $600 million Ronin exploit in April of last year. Around the time of the Ronin exploit, the U.S. government warned that both groups were targeting crypto firms to steal assets.