North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said.
The FBI said it was “able to confirm” that Lazarus Group, a hacking group linked to Pyongyang also known as APT38, was responsible for the attack on the so-called Horizon Brigde in 2022.
Traders use a bridge to swap cryptocurrencies between different blockchain networks.
The FBI also said that the North Korean cyber actors this month used the Railgun system to launder over $60 million worth of the token ether stolen during the June 2022 heist. Railgun is a system designed to help preserve the anonymity of people moving cryptocurrency.
A portion of the stolen ether was sent to several virtual asset service providers and converted to bitcoin, the FBI said.
At the time of the hack, blockchain analytics firm Elliptic said that there were “strong indications” that Lazarus was behind the attack. Almost immediately, the hackers were attempting to move the funds around through means to obfuscate their identity.
The FBI said it continues “to identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”
North Korean-linked attackers have been pinned to other crypto hacks.
Last year, the U.S. Treasury Department blamed Lazarus for a $600 million heist on Ronin Network, a so-called “sidechain” for popular crypto game Axie Infinity.