
The North Korean Lazarus Group Orchestrated the Harmony Hack: FBI



The Federal Bureau of Investigation (FBI) has finished its investigation into the crypto attack that occurred a year ago and resulted in the loss of $100 million worth of cryptocurrency held by the US-based Harmony protocol.

The investigation conducted by the FBI has led to the discovery that the cyber attack that occurred in June was carried out by two hacker organizations that North Korea supported.

The Lazarus Group and APT38 are the names of the two organizations. It's interesting to note that the discovery doesn't stray too far from prior concerns that were floating about immediately after the large exploit was carried out.

While this was going on, on January 13, a breakthrough occurred when the bad actors tried to shift over $60 million worth of ETH that they had stolen during the attack. The Federal Bureau of Investigation has verified that the hackers attempted to disguise their financial dealings by utilizing a privacy protocol known as RAILGUN.

They were able to convert part of the funds into Bitcoin by sending some of them to other cryptocurrency exchanges. However, some of the exchanges were able to put a hold on the remaining funds and retrieve them while the hackers tried to convert them to Bitcoin.

In reaction to these crypto-focused attacks, the American government targeted coin-mixing services, which are programs that allow users to obscure otherwise public trails of bitcoin transactions.

Tornado Cash, an Ethereum coin mixer, and various wallet addresses linked to it were banned by the Treasury Department in August. As justification for this action, the Treasury Department cited the Lazarus Group's use of Tornado Cash to launder funds stolen in previous hacks.

The action was roundly condemned by members of the cryptocurrency community, who saw it as an unlawful overreach that needlessly harmed users' privacy. The restriction is currently being challenged in court in litigation led by the cryptocurrency policy NGO Coin Center.

The Hacks are Continuously Increasing

The number of attacks of this kind carried out by cyber gangs affiliated with North Korea has been on the rise recently. According to reports, Lazarus Group was responsible for the $625 million Ronin bridge attack.

According to a report by the Associated Press, hackers operating out of North Korea have been responsible for the theft of at least $1.2 billion worth of cryptocurrencies since 2017.

However, it has been revealed that these gangs are responsible for more than just hacking. In other contexts, they have been encountered posing as venture capitalists, banks, or recruiters.

Despite this, the FBI has committed to using every tool at its disposal to put a stop to North Korea's destabilizing behavior. The following is an excerpt from the statement:

"The FBI will continue to uncover and oppose the DPRK's exploitation of illegal activities to generate cash for the dictatorship. These activities include cybercrime and the theft of virtual currency."

In addition, the Federal Bureau of Investigation asserts that North Korea is working toward a goal: financing its missile and weapons programs by means of the trafficking of virtual money.

The FBI has stated that it would continue to cooperate with its other investigative partners in order to thwart these activities.