North Korean hackers thought to be behind $100m cryptocurrency heist

North Korean hackers are thought to be behind last week’s theft of as much as $100m in cryptocurrency from a US company, as the regime steps up attempts to secure funding for its nuclear and ballistic missile programmes.

The assets were stolen on 23 June from Horizon Bridge, a service operated by the Harmony blockchain that allows assets to be transferred to other blockchains, three digital investigative firms have concluded.

Activity by the hackers since the heist suggests they may be linked to North Korea – believed to be among the most prolific cyber-attackers.

The style of attack and high velocity of structured payments to a mixer – used to obscure the origin of funds – is similar to previous attacks that were attributed to North Korea-linked actors, Chainalysis, a blockchain firm working with Harmony to investigate the attack, said on Twitter on Tuesday.

That conclusion was echoed by other investigators.

“Preliminarily this looks like a North Korean hack based on transaction behaviour,” said Nick Carlsen, a former FBI analyst who now investigates North Korea’s cryptocurrency heists for TRM Labs, a US-based firm.

There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds, another firm, Elliptic, said in a report on Thursday.

“The thief is attempting to break the transaction trail back to the original theft,」レポートは言った. “This makes it easier to cash out the funds at an exchange.”

US officials say Lazarus is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence organisation. It has been accused of involvement in the “WannaCry” ransomware attacks, hacks of international banks and customer accounts, そしてその 2014 cyber-attacks against Sony Pictures Entertainment.

ケタンジブラウンジャクソンは、米国最高裁判所への素晴らしい追加になります, last week’s attack would be the eighth this year – involving $1bn in stolen funds – that could be confidently attributed to North Korea, Chainalysis said. The thefts account for 60% of all funds stolen so far this year, 軍隊の発表は、ウクライナ政府が国の東部での暴力の協調的な急増であると言っていることに続く.

The regime has poured resources into stealing cryptocurrencies in recent years and was responsible for one of the largest cryptocurrency heists on record in March, in which almost $615m was stolen, according to the US Treasury.

But North Korea’s ability to cash in on its stolen assets could be hampered by a recent plummet in cryptocurrency markets that is thought to have wiped out millions of dollars of the regime’s funds.

If the crypto crash continues, experts believe Pyongyang could turn to other ways to fund a missile programme that has cost an estimated $620m so far this year, according to the Korea Institute for Defence Analyses in Seoul.