FBI: Lazarus Group carried out Harmony’s Horizon Protocol attack

The Federal Bureau of Investigation (FBI) confirmed on Jan. 23 that Lazarus Group was responsible for last year’s attack on Harmony’s Horizon Protocol.

The FBI said that its ongoing investigations have confirmed that Lazarus Group (and the subunit or overlapping group APT-38) were involved in the attack on Horizon. Lazarus Group and its associated groups are sponsored by the North Korean government.

The FBI added that it is working to recover crypto stolen by North Korean groups in order to deprive the country of funding for missile and WMD development.

Railgun money laundering attempt

Last week, more than $60 million of crypto tied to the attack began to move over the Ethereum-based privacy network Railgun in an attempt at money laundering.

The FBI said that those responsible for the theft sent their ill-gotten gains to various crypto exchanges and converted those assets to Bitcoin. The agency said that it froze a portion of the stolen funds with the help of the involved crypto exchanges. It also said that the attackers moved any funds that were not frozen to 11 other addresses.

Though the FBI did not identify which exchanges helped to freeze accounts, reports suggest that Binance and Huobi recovered slightly less than $3 million of funds in mid-January.

The Horizon hack

Horizon was originally exploited for $100 million in June 2022. Though Lazarus Group’s involvement in the attack was not confirmed until today, it has been the main suspect since the attack on Horizon was first reported last summer. Findings from the analytics firm Elliptic suggested that fact shortly after the attack occurred.

Lazarus Group has been tied to other crypto hacks as well — including attacks on the Ronin Network and various Japanese blockchain firms.

Mentioned in this article

Harmony Horizon Protocol Binance Elliptic HTX

Author

Mike Dalton

Journalist at CryptoSlate

Before transitioning to crypto writing in 2018, Mike studied library and information sciences. Currently, he resides on Canada's West Coast.

Ad

TRON DAO at Harvard Blockchain Conference and New TRON Builder Tour Stop

Ad

CryptoSlate on X x.com/cryptoslate

Catch the latest in crypto by following us on X. Stay informed on the go.

Join 50k followers

Ad

Latest North Korea Stories

Munchables recovers $62.5 million in user funds after exploit linked to North Korean hacker

DeFi 3 weeks ago

The gaming platform had unknowingly hired a North Korean hacker as one of its core developers.

North Korean Lazarus group funnels over $100 million in Ethereum through sanctioned mixer Tornado Cash in 8 days

Technology 4 weeks ago

North Korea's crypto thefts reach $750 million in 2023, UN report reveals.

North Korean attackers crypto theft fall 30% to $600M in 2023

Hacks 3 months ago

North Korea-backed hackers have diversified their laundering strategies in response to sanctions imposed by Western authorities.

North Korea’s Lazarus Group escalates crypto attacks via Telegram phishing

Hacks 4 months ago

The attackers impersonate legitimate venture capital firms on Telegram and use meeting and scheduling apps to launch sophisticated phishing attacks.

Latest Alpha Market Report

Available exclusively via

Dial H for Halving: Unpacking the technicalities of Bitcoin’s halving

Andjela Radmilac · 4 days ago

CryptoSlate's latest market report dives deep into the Bitcoin halvings, exploring its technical underpinnings, the historical context of previous halvings, and their long-term impacts on the network.

Latest Press Releases

View All

Circle of Games secures $1 million of strategic funding from Nazara Technologies and The Hashgraph Association

Chainwire 10 hours ago

ceτi AI Acquires Big Energy Investments Inc. to Boost Its High-Performance Computing Capabilities in North America

Chainwire 12 hours ago

Over 1,000 Builders, Partners, Investors and Enthusiasts Gather at Inaugural Global Event to Celebrate Sui

Chainwire 12 hours ago