North Korea-linked hackers behind $100 million crypto heist, FBI says
- The FBI said it was "able to confirm" that Lazarus Group, aka APT38, a group linked to North Korea, was responsible for the attack on the so-called Horizon bridge last year.
- Hackers stole $100 million worth of cryptocurrencies in the attack on the Horizon bridge, which traders use to swap digital tokens between different blockchain networks.
- The FBI also said that the North Korean cyber actors this month used the Railgun system to launder over $60 million worth of the token ether stolen during the June 2022 heist.
North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said.
The FBI said it was "able to confirm" that Lazarus Group, a hacking group linked to Pyongyang also known as APT38, was responsible for the attack on the so-called Horizon bridge in 2022.
Traders use a bridge to swap cryptocurrencies between different blockchain networks.
The FBI also said that the North Korean cyber actors this month used the Railgun system to launder over $60 million worth of the token ether stolen during the June 2022 heist. Railgun is a system designed to help preserve the anonymity of people moving cryptocurrency.
A portion of the stolen ether was sent to several virtual asset service providers and converted to bitcoin, the FBI said.
At the time of the hack, blockchain analytics firm Elliptic said that there were "strong indications" that Lazarus was behind the attack. Almost immediately, the hackers were attempting to move the funds around through means to obfuscate their identity.
The FBI said it continues "to identify and disrupt North Korea's theft and laundering of virtual currency, which is used to support North Korea's ballistic missile and Weapons of Mass Destruction programs."
North Korean-linked attackers have been pinned to other crypto hacks.
Last year, the U.S. Treasury Department blamed Lazarus for a $600 million heist on Ronin Network, a so-called "sidechain" for popular crypto game Axie Infinity.
- CNBC's Ryan Browne contributed to this report
Correction: This story was updated to reflect that Lazarus Group is also known as APT38. They are not separate groups.
Phishing attacks are increasing and getting more sophisticated. Here's how to avoid them
LinkedIn has a fake account problem it's trying to fix
The biggest risks of using fitness trackers to monitor your health
The biggest risks of using Bluetooth trackers like Apple AirTag, Tile
The dark web's criminal minds see Internet of Things as next big hacking prize