The FBI’s thorough investigation, which was duly and meticulously carried out, leads them to believe that the Lazarus Group and APT38 committed the theft from Harmony’s Horizon Bridge. As per the contents of the report submitted by them on the 24th of June, 2022, the stolen amount happened to have been $100 million and in the form of virtual currency. For the uninitiated, APT38 is a group of cyber players with a direct link to the Democratic People’s Republic of Korea (DPRK).
The FBI conducted these in-depth investigations as part of the ongoing process of combating improper and illegal activities pursued by the DPRK, which has proven to be a significant threat perception for the United States and its private sector associations.
At the moment, the FBI Los Angeles, along with the FBI Charlotte, and the FBI’s Cyber Division, is actively engaged in the investigation and prevention of North Korea’s theft and laundering of digital currency, which is being used to support their ballistic missile and Weapons of Mass Destruction plans. Along with the FBI, the United States Attorney’s Office for the Central District of California also happens to be involved in on-going investigations. Part of the team also happens to be the FBI’s Virtual Assets Unit, along with the National Cryptocurrency Enforcement Team.
It happened to have been the 13th of January, 2023, when the cyber actors connected with North Korea took the help of RAILGUN, which happens to be a privacy protocol, for the laundering of more than the amount of $60 million in Ethereum (ETH), which they apparently took in the course of the June 2022 grand theft. A certain amount of this very stolen Ethereum was then transferred to various virtual asset service providers, and eventually, the conversion to Bitcoin (BTC) was carried out.
Following the detailed investigation and, consequently, the correct identification, a certain amount of these funds happened to have been successfully frozen with the close cooperation of a few of the virtual asset service providers. The rest of the bitcoins were moved to addresses that have also been identified.
A while back, the FBI, along with the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department brought out a joint Cybersecurity Advisory, speaking of a malware campaign, Trader Traitor, which the DPRK utilized in the Harmony case. In the meantime, the FBI will follow the illegal trial being left by the DPRK and effectively expose them.