Daily Management Review

Experts Believe North Korea Is Behind A New $100 Million Cryptocurrency Breach


North Korean hackers are most certainly responsible for an attack last week that stole up to $100 million in cryptocurrencies from a US company, according to three digital investigative firms.
The cryptoassets were taken on June 23 through Horizon Bridge, a Harmony blockchain-operated service that allows assets to be transferred to other blockchains.
Since then, the hackers' behaviour shows they may be connected to North Korea, which experts say is one of the most prolific cyber attackers. According to UN sanctions monitors, Pyongyang is using the stolen monies to support its nuclear and missile programmes.
Chainalysis, a blockchain startup collaborating with Harmony to investigate the attack, stated on Twitter on Tuesday that the attack's approach and high velocity of structured payments to a mixer - designed to hide the origin of funds - are comparable to prior attacks ascribed to North Korean-linked hackers.
Other researchers came to the same conclusion.
"Preliminarily this looks like a North Korean hack based on transaction behaviour," said Nick Carlsen, a former FBI analyst who now investigates North Korea's cryptocurrency heists for TRM Labs, a U.S.-based firm.
Based on the nature of the attack and subsequent laundering of the stolen cash, another business, Elliptic, claimed in a report on Thursday that there are strong indications that North Korea's Lazarus Group may be involved for this crime.
"The thief is attempting to break the transaction trail back to the original theft," the report said. "This makes it easier to cash out the funds at an exchange."
If confirmed, the incident would be the eighth this year - totaling $1 billion in stolen assets - that could be confidently connected to North Korea, representing for 60% of total funds taken in 2022, according to Chainalysis.
The recent decline in bitcoin values may have hindered North Korea's ability to cash in on its stolen assets, analysts and South Korean officials told Reuters, potentially jeopardising a crucial source of money for the sanctions-strapped government.