Two groups of North Korean hackers have been behind $100 million theft in June in the crypto assets of Horizon Bridge, the Federal Bureau of Investigation (FBI) said in a statement on Monday.
Horizon Bridge, a service for exchanging crypto assets between the Harmony blockchain and other blockchains, has been stripped of ether (ETH), tether (USDT), and shrouded bitcoin (wBTC). The FBI said hackers – “cyber actors associated with the [Democratic People’s Republic of Korea]” – relied on a malware campaign known as “TraderTraitor” in the Harmony attack.
Two weeks ago, a privacy protocol, Railgun, was used to launder over $60 million in ETH stolen in last year’s robbery, according to the FBI. Some was sent to other service providers and changed to bitcoin. Some of the funds were frozen and others were moved to addresses identified in the agency’s statement.
At least one industry research firm had already partially reached the same conclusion about the identity of the attackers last year, identify Lazarus and North Korea.
US authorities have said North Korea’s crypto thefts and asset laundering are used “to support North Korea’s ballistic missile and weapons of mass destruction programs,” according to the statement.
Lazarus Group had previously been accused of steal over $600 million Ronin bridge cryptocurrency linked to Axie Infinity.