- The FBI confirmed North Korean cybercrime teams exploited Harmony Bridge.
- Hackers moved $60 million of stolen funds through RAILGUN, an Ethereum-based privacy protocol.
- The exploiters compromised two out of four multisigs securing the bridge last June.
- FBI has been vocal in its efforts to reduce cases of exploitation.
Barely eight months after the devastating attack on Harmony Bridge, the United States Federal Bureau of Investigation (FBI) has published its findings about the exploitation. In a report published on January 23, the law enforcement agency affirmed Lazarus Group, a North Korean cybercrime team, and APT38 as the architects of the exploitation.
The FBI’s investigation showed that both hacking groups worked together to exploit the bridge and stole $100 million worth of digital assets through the operation.
As per the report, hackers moved about $64 million of the stolen funds through RAILGUN, an Ethereum-based privacy protocol, a few days ago. Self-proclaimed Blockchain detective ZachXBT had earlier raised this alarm on his Twitter handle.
1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges. pic.twitter.com/huDumaJeSh— ZachXBT (@zachxbt) January 15, 2023
Later, popular crypto exchange Binance halted the move after discovering that the hackers were attempting to launder the stolen funds using Huobi. This thus led to the recovery of an undisclosed part of the stolen funds.
Now confirming the recovery of part of the funds, the FBI commended the support of virtual asset service providers for freezing it. The agency confirmed that the remaining Bitcoin subsequently moved to some addresses.
The exploitation of Harmony occurred last June. The exploiters reportedly compromised two of the four multisig securing the bridge to steal the funds. Since then, investigations have been ongoing to unravel the attack’s masterminds.
FBI Steps Up to Reduce Exploitation
The FBI has been vocal in its bid to reduce the rising cases of exploitation in the industry. In August, it warned investors to do due research before committing their investment to DeFi platforms. Also, the agency advised DeFi platforms to enhance their security by improving their monitoring and conducting stringent code testing and encouraged them to employ private auditors to audit their codes.
Additionally, the FBI set up a crypto crime unit in February 2022 to track and freeze illegal cryptocurrencies to address the rising exploitation. The unit must evaluate crypto crime cases that need resources for proper investigations.
On the Flipside
- Cyber groups affiliated with North Korea have reportedly expanded their activities beyond hacking. A report published in December argued that the Lazarus Group is also pretending to be a venture capital firm, potential employers, and banks.
Why You Should Care
Lazarus Group and APT38 are among the North Korean hacker groups that have stolen cryptocurrency worth $1.2 billion since 2017. Regarding the Harmony Bridge attack, several reports initially linked it to Lazarus, but none offered any evidence to back up their claims. However, the FBI’s investigation report confirmed the findings.
You May Also Like:
Harmony Grants $300 Million Fund for DAOs and Launches Bitcoin Bridge
Lazarus Group Moves $64 Million from Harmony Exploit, Binance Freezes 125 BTC from Loot