The FBI accused two groups of North Korean government hackers of carrying out last year’s heist of $100 million in crypto stolen from a company that allows users to transfer cryptocurrency from one blockchain to another.
On Monday, the FBI announced that the Lazarus Group and APT38 — two groups linked to the North Korean government by both cybersecurity companies and government agencies — were responsible for the hack against the Horizon bridge, created by the U.S. company Harmony, in June 2022.
Citing cybersecurity experts, Reuters reported last year that North Korea was likely the culprit of the hack, which exploited a vulnerability in the bridge to steal various cryptocurrency assets, such as Ethereum, Binance Coin, Tether, USD Coin, and Dai.
The FBI said that on January 13, the North Korean hackers used RAILGUN, a crypto “privacy protocol,” to launder $60 million in Ethereum stolen from Harmony.
“A portion of this stolen ethereum was subsequently sent to several virtual asset service providers and converted to bitcoin (BTC),” the FBI said in its announcement. “A portion of these funds were frozen, in coordination with some of the virtual asset service providers.”
The FBI also published 11 cryptocurrency wallets where the remaining $40 million in stolen bitcoin were moved to.
North Korea has a long history of targeting cryptocurrency companies to raise money for the regime, which sees crypto as a way to evade international sanctions and to fund its nuclear weapons program. Last year, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department published an advisory detailing North Korea’s activities targeting crypto companies.
According to South Korea’s National Intelligence Service, North Korea has stolen around $1.2 billion worth of crypto in the last five years, including $626 million in 2022 alone.
Harmony’s Horizon is a so-called blockchain bridge — also known as cross-chain bridges, a tool that allows users to transfer digital assets from one blockchain to another, allowing different blockchains created by different companies to be interoperable. Several of these bridges have had serious vulnerabilities, making them a favorite target for hackers.
“Blockchain bridges have become the low-hanging fruit for cyber-criminals, with billions of dollars worth of crypto assets locked within them,” Tom Robinson, co-founder and chief scientist at blockchain analytics firm Elliptic, told CNBC last year. “These bridges have been breached by hackers in a variety of ways, suggesting that their level of security has not kept pace with the value of assets that they hold.”
Chainalysis, another blockchain analytics firm, estimated that around $1.4 billion were stolen from blockchain bridges last year.
https://techcrunch.com/
Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Bengaluru-based Slick launched in […]
CircleCI, a company whose development products are popular with software engineers, has urged users to rotate their secrets following a breach of the company’s systems. The San Francisco–headquartered DevOps company said in an advisory published late Wednesday that it is currently investigating the security incident — its most recent in recent years. “We wanted to make you […]
After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point. Written by Linda Smith, Rajat Wason, Syed Zaidi AUGUST 10, 2022 SECURITY OPERATIONS ACTIVE ADVERSARY PLAYBOOK BLACKCAT FEATURED HIVE LOCKBIT RANSOMWARE SOPHOS X-OPS In May 2022, an automotive supplier was hit with three separate ransomware attacks. […]
Leave a Reply