Lazarus Group and APT38 were behind the $100 million heist


The US Federal Bureau of Investigation (FBI) has confirmed that the Lazarus Group and APT38 are responsible for the theft of $100 million from the Harmony blockchain platform last June. The attackers also tried to launder the money through the RAILGUN privacy protocol.

Crime experts in the United States allege that the stolen cryptocurrency is being used by the North Korean regime to fund ballistic missile and weapons of mass destruction programs.

Harmony is a layer-1 blockchain that was launched in 2019 and supports Ethereum applications. The Horizon blockchain bridge, which runs on this ecosystem, lets users move assets between the Harmony network and the Bitcoin, Ethereum, and Binance Chain networks. In June 2022, the Horizon bridge was hacked; the attacker withdrew $100 million worth of cryptocurrency in 18 minutes and sent the assets to a decentralized exchange to be swapped for Ethereum.

According to the FBI, on June 25 cybercriminals from the Lazarus Group and APT38, which have ties to North Korea, stole $100 million worth of virtual currency from Harmony's Horizon bridge. According to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), the hack was linked to a malware campaign called "TraderTraitor" led by the Democratic People's Republic of Korea.

According to new information, on January 13 the hackers used the RAILGUN privacy protocol to launder more than $60 million in Ethereum stolen from the Horizon bridge. Some of that Ethereum was then sent to several crypto exchanges and converted into bitcoin.

Some of these bitcoins were then frozen on platforms that cooperate with the FBI. The remaining bitcoins were transferred to 11 addresses, which the FBI released in a statement.

The Horizon bridge hack resulted in the loss of 14 different types of digital assets. The developers initially proposed to hard-fork the network and issue billions of the project's native ONE tokens to compensate customers for their losses. However, the community did not support this plan, and it was decided to use funds from the project treasury to cover the losses.