The Federal Bureau of Investigation (FBI) of the United States asserted that it will continue to battle “malicious cyber activity” after it confirmed that the Lazarus Group, a cybercriminal group linked to North Korea, is among those behind the $100 million Harmony Protocol attack.
FBI to protect U.S. vs North Korea
In its statement, the FBI says it will protect the U.S. and the country’s investors against the “danger of the Democratic People’s Republic of Korea (DPRK).”
The statement added that the FBI was able to establish through its investigation that the group and APT38, another cybercriminal group also associated with North Korea, are responsible for the theft of $100 million worth of virtual currency from the protocol on June 24 last year.
On January 13, six months after the hack, more than $60 million in Ethereum was found. This allowed the law enforcement agency to conclusively identify the Lazarus Group and APT38 as the culprits of the crime.
Lazarus behind several hacks
The hackers used the privacy protocol RAILGUN in a bid to conceal their transactions, but some of the assets were later confiscated and recovered by exchanges because the hackers attempted to swap the money for Bitcoin. Funds that couldn’t be recovered were then sent to 11 Ethereum addresses.
Blockchain experts connected the vulnerability used in the June Harmony attack to the Lazarus Group using a mix of on-chain investigation and parallels to earlier hacks carried out by the same group. The Lazarus Group has long been a source of concern for the American government, but up until today, the organization had not been formally charged with being behind the Harmony breach.
The FBI also stated that the virtual currency laundered by the hackers is used to finance “North Korea’s ballistic and weapons of mass destruction program,” and that U.S. security and cybercrime officers therefore continue to “identify and disrupt North Korea’s theft and laundering of virtual currency.”