FBI Confirms Lazarus Group Was Behind $100m Harmony Hack

January 24, 2023

The US Federal Bureau of Investigation (FBI) has confirmed that North Korea’s Lazarus Group and APT28 were behind the $100m theft from cryptocurrency organization Harmony discovered in June 2022.

Writing on its official website on Monday, the Bureau said it spotted the North Korean cyber actors using the privacy protocol Railgun to launder over $60m worth of Ethereum (ETH) stolen during the heist.

“A part of this stolen Ethereum was subsequently sent to several digital asset support vendors and converted to bitcoin (BTC),” reads the post.

The FBI also said that while some of these funds were frozen (in coordination with some digital asset service vendors), the remaining Bitcoin eventually moved to 11 identified addresses.

“FBI Los Angeles and FBI Charlotte […] proceed to recognize and disrupt North Korea’s theft and laundering of digital currency, which is used to support North Korea’s ballistic missile and weapons of mass destruction courses,” the Bureau wrote.

According to Kevin Bocek, VP of security method and risk intelligence at Venafi, Lazarus is known for stealing cryptocurrency by exploiting machine identities, so the attribution of the Harmony attack is not surprising.

“When disclosing the breach, Harmony supplied proof that its non-public keys – a core ingredient of machine identity – had been compromised, opening the doorway to Lazarus and enabling it to decrypt knowledge and siphon off resources. This displays the electricity of device identities falling into the completely wrong arms.”

Further, Bocek explained that Venafi’s research showed that attacks from North Korean threat groups are often financially motivated.

“Cybercrime has developed into a vital cog in the survival of Kim’s dictatorship, enabling North Korea to evade worldwide sanctions and fund its weapons programs,” the security expert added.

“Any enterprise that features a financial gain to North Korean threat teams could be a target, especially in the somewhat unregulated cryptocurrency industry.”

The possibility that the Lazarus Group may be behind the $100m Harmony hack was first suggested by blockchain analytics firm Elliptic days after the breach was discovered.

More recently, the threat actors have been associated with the exploitation of a Dell driver vulnerability and a series of macOS malware infections.


Some parts of this article are sourced from:
www.infosecurity-magazine.com
