FBI Says Lazarus Group Behind $100 Million Harmony Bridge Heist


The FBI is pinning the blame for a $100 million cryptocurrency heist last June on the Lazarus Group, a team associated with the North Korean government that is notorious for stealing cryptocurrency to help support that country’s military and weapons programs.

On Tuesday, the FBI released a statement identifying Lazarus Group, also known as APT38, as the culprit for the June 24 attack on the Harmony Horizon bridge that resulted in the loss of $100 million in Ethereum. The Harmony Horizon bridge is a connection between various cryptocurrency systems, specifically Harmony and Ethereum, Bitcoin, and Binance Chain. In June, attackers were able to gain access to the bridge and make off with the Ethereum.

“The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100MM. We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds,” Harmony said at the time of the incident.

The FBI, along with the Department of Justice’s National Cryptocurrency Enforcement Team, and various United States attorney’s offices has been investigating the Harmony heist and on Tuesday said that the Lazarus Group was responsible for the attack and had used its malware tool known as TraderTraitor as part of the operation.

“On Friday, January 13, 2023, North Korean cyber actors used RAILGUN, a privacy protocol, to launder over $60 million worth of ethereum (ETH) stolen during the June 2022 heist. A portion of this stolen ethereum was subsequently sent to several virtual asset service providers and converted to bitcoin (BTC),” the FBI said in a statement.

“On Friday, January 13, 2023, North Korean cyber actors used RAILGUN, a privacy protocol, to launder over $60 million worth of ethereum (ETH) stolen during the June 2022 heist.”

The Lazarus Group has been operating for many years and is closely associated with the government of North Korea and typically operates in support of the government’s interests. The group’s best-known operation was an attack on the Bank of Bangladesh in 2016 that netted it $81 million and Lazarus has continued to target banks and crypto…

Source…