The FBI accused two groups of North Korean government hackers of carrying out last year’s heist of $100 million in crypto stolen from a company that allows users to transfer cryptocurrency from one blockchain to another.
On Monday, the FBI announced that the Lazarus Group and APT38 — two groups linked to the North Korean government by both cybersecurity companies and government agencies — were responsible for the hack against the Horizon bridge, created by the U.S. company Harmony, in June 2022.
Citing cybersecurity experts, Reuters reported last year that North Korea was likely the culprit of the hack, which exploited a vulnerability in the bridge to steal various cryptocurrency assets, such as Ethereum, Binance Coin, Tether, USD Coin, and Dai.
The FBI said that on January 13, the North Korean hackers used RAILGUN, a crypto “privacy protocol,” to launder $60 million in Ethereum stolen from Harmony.
“A portion of this stolen ethereum was subsequently sent to several virtual asset service providers and converted to bitcoin (BTC),” the FBI said in its announcement. “A portion of these funds were frozen, in coordination with some of the virtual asset service providers.”
The FBI also published 11 cryptocurrency wallets where the remaining $40 million in stolen bitcoin were moved to.
North Korea has a long history of targeting cryptocurrency companies to raise money for the regime, which sees crypto as a way to evade international sanctions and to fund its nuclear weapons program. Last year, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department published an advisory detailing North Korea’s activities targeting crypto companies.
According to South Korea’s National Intelligence Service, North Korea has stolen around $1.2 billion worth of crypto in the last five years, including $626 million in 2022 alone.
Harmony’s Horizon is a so-called blockchain bridge — also known as cross-chain bridges, a tool that allows users to transfer digital assets from one blockchain to another, allowing different blockchains created by different companies to be interoperable. Several of these bridges have had serious vulnerabilities, making them a favorite target for hackers.
“Blockchain bridges have become the low-hanging fruit for cyber-criminals, with billions of dollars worth of crypto assets locked within them,” Tom Robinson, co-founder and chief scientist at blockchain analytics firm Elliptic, told CNBC last year. “These bridges have been breached by hackers in a variety of ways, suggesting that their level of security has not kept pace with the value of assets that they hold.”
Chainalysis, another blockchain analytics firm, estimated that around $1.4 billion were stolen from blockchain bridges last year.
https://techcrunch.com/
In 2019, Ring launched the Peephole Cam, a camera that fits over existing door peepholes to record goings-on outdoors, in apartment building hallways and so on. Priced at $199, the Peephole Cam failed to catch on, leading Ring to discontinue it in 2021. But now, Ring’s giving it another go — the Peephole Cam made […]
SC Media UK has collected predictions across a range of categories from cybersecurity experts. Here we give you the roundup… What might 2023 bring in term of cyber? Our experts found consensus on a few areas. First, boardroom metrics will become more important as senior execs demand transparency through quantified insights on the company’s security posture. […]
A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest. “Code-generating systems are currently […]
Leave a Reply