צפון קאָרעיִש כאַקערז ריפּאָרטאַדלי הינטער די $ 100 מיליאָן האַרמאָני עקספּלאָיט

The notorious North Korean hacking group – the Lazarus Group – is suspected to be the one that attacked the cryptocurrency protocol Harmony. The criminal organization has been involved in numerous similar heists throughout the recent years.

The Lazarus Group’s Next Victim

Last week, Harmony גילוי that wrongdoers breached its Horizon Bridge and drained approximately $100 million worth of Ethereum. Shortly after, Harmony’s team launched a “global manhunt” for the criminals responsible for the attack.

Cited by Bloomberg, the firm that tracks stolen digital assets – Elliptic Enterprises – stated that the exploit was most likely carried out by the Lazarus Group (a cybercrime entity backed by the North Korean state). According to the company, the laundering methods were much similar to maneuvers previously used by the hackers:

"עס זענען שטאַרק אָנווייַז אַז צפון קארעע ס לאַזרוס גרופע קען זיין פאַראַנטוואָרטלעך פֿאַר דעם גנייווע, באזירט אויף די נאַטור פון די כאַק און די סאַבסאַקוואַנט לאָנדערינג פון די סטאָלען געלט."

In addition, Elliptic explained in detail how the heist was carried out. The Lazarus Group targeted username and password credentials of Harmony’s employees in the Asia Pacific region to breach the protocol’s security system. Once gaining control, the criminals employed automated laundering services to move the stolen assets during nighttime hours.

Elliptic also claimed that the hacking organization has already transferred over 40% of the $100 million to a Tornado Cash mixer.

A recent research conducted by Coincub עסטימאַטעד that North Korea is by far the top-ranked nation for crypto crime. Over the years, skilled hackers from the totalitarian country have targeted governments and private companies across the globe, stealing more than $1.5 billion in digital assets between 2017-2022.

Stolen Crypto Fuels Nuclear Experiments

Earlier this year, the United Nations (UN) also אָנגעקלאָגט North Korea of stealing cryptocurrencies worth millions of dollars and claimed that the Asian state used those assets to fund missile and nuclear trials. 

The UN reminded that the North Korean government had launched nine nuclear experiments in January alone, the largest number of such tests that the nation has executed in a single month. 

Despite the multiple warnings and severe sanctions, Pyongyang has continued to develop its ballistic missile infrastructure:

"DPRK דעמאַנסטרייטיד געוואקסן קייפּאַבילאַטיז פֿאַר גיך דיפּלוימאַנט, ברייט מאָביליטי (אַרייַנגערעכנט אין ים), און ימפּרוווד ריזיליאַנס פון זייַן מיסאַל פאָרסעס." 

Unsurprisingly, Russia and China refused to sign the UN’s statement, which accuses North Korea of funding its nuclear trials with stolen crypto assets.