My Blog
Business

North Korea likely behind $100 million Horizon crypto hack: Experts

North Korea likely behind 0 million Horizon crypto hack: Experts
North Korea likely behind 0 million Horizon crypto hack: Experts


A photo illustration showing the North Korean flag and a computer hacker.

Budrul Chukrut | Sopa Images | Lightrocket | Getty Images

North Korean state-sponsored hackers were likely the perpetrators of a hack that led to the theft of around $100 million in cryptocurrency, according to analysis from blockchain researchers.

The hackers targeted Horizon, a so-called blockchain bridge developed by U.S. crypto start-up Horizon. The tool is used by crypto traders to swap tokens between different networks.

There are “strong indications” that Lazarus Group, a hacking collective with strong ties to Pyongyang, orchestrated the attack, blockchain analytics firm Elliptic said in a blog post Wednesday.

Most of the funds were immediately converted to the cryptocurrency ether, Elliptic said. The firm added that hackers have started laundering the stolen assets through Tornado Cash, a so-called “mixing” service that seeks to obscure the trail of funds. So far, around $39 million worth of ether has been sent to Tornado Cash.

Elliptic says it used “demixing” tools to trace the stolen crypto sent through Tornado Cash to several new ether wallets. Chainalysis, another blockchain security firm that’s working with Harmony to investigate the hack, backed up the findings.

According to the companies, the way the attack was carried out and the subsequent laundering of funds bear a number of similarities with previous crypto thefts believed to be perpetrated by Lazarus, including:

  • Targeting of a “cross-chain” bridge — Lazarus was also accused of hacking another such service called Ronin
  • Compromising passwords to a “multisig” wallet that requires only a couple signatures to initiate transactions
  • “Programmatic” transfers of funds in increments every few minutes
  • The movement of funds stops during Asia-Pacific nighttime hours

Harmony said it is “working on various options” to reimburse users as it investigates the theft, but stressed that “additional time is needed.” The company also offered a $1 million bounty for the return of the stolen crypto and information on the hack.

North Korea has frequently been accused of carrying out cyberattacks and exploiting cryptocurrency to get around Western sanctions. Earlier this year, the U.S. Treasury Department attributed a $600 million heist on Ronin Network, a so-called “sidechain” for popular crypto game Axie Infinity, to Lazarus.

North Korea has denied involvement in state-sponsored cyberattacks in the past, including a 2014 data breach targeting Sony Pictures.

Related posts

Aid reaches northern Gaza as Israel and Hamas consider truce talks

newsconquest

Lemons, peaches and TCM bought as protection from virus

newsconquest

Apple returns to top 5 in China with iPhone 16, Huawei grows faster

newsconquest