$100 Million Harmony Hack Was Orchestrated by North Korea’s Lazarus Group, FBI Reveals

Last Updated on January 24, 2023 by Bitfinsider

The $100 million Harmony Bridge Hack from June 2022 was carried out by the Lazarus Group and APT38, according to the Federal Bureau of Investigation (FBI).

Although a cyber gang with ties to North Korea had long been suspected of being responsible for the attack, law enforcement had not yet confirmed its involvement.

“Through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge,” the FBI said in a statement on January 23.

Security flaws in Harmony’s Horizon Ethereum bridge led to the Harmony Bridge hack in 2022, allowing the hackers to access a large amount of the assets held in the bridge through 11 transactions.

The FBI also noted that earlier this month, the North Korean hackers began transferring about $60 million of the stolen money via the Ethereum-based anonymity protocol RAILGUN. ZachXBT, a blockchain investigator, previously highlighted this on Twitter on January 16.

According to CEO Changpeng Zhao, Binance quickly helped Huobi freeze and reclaim the digital assets the hackers had deposited, after it was discovered that the hackers were attempting to launder money through that exchange.

The FBI said: “On Friday, January 13, 2023, North Korean cyber actors used RAILGUN, a privacy protocol, to launder over $60 million worth of Ethereum (ETH) stolen during the June 2022 heist,” and further stated that “a portion of these funds were frozen, in coordination with some of the virtual asset service providers. The remaining bitcoin subsequently moved to the following addresses.”

The FBI said in a statement that, with the assistance of the U.S. Attorney’s Office and the U.S. Justice Department’s crypto unit, it has continued “to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”

The Lazarus group is a well-known hacker group that is suspected of being responsible for the $600 million Ronin Bridge hack from March of last year. The group has apparently been involved in a number of significant crypto industry exploits.

The Office of Foreign Assets Control of the US Treasury Department made this clear in April 2022 by adding the Lazarus Group to its list of Specially Designated Nationals and Blocked Persons (SDN) in the wake of the breach.

In reaction to the Ronin Bridge incident, the FBI and the Cybersecurity and Infrastructure Security Agency issued an alert about state-sponsored cyber threats from North Korea that target blockchain companies.
