FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

The attacker accomplished this by somehow controlling the owner of the MultiSigWallet to call the confirmTransaction() directly to transfer large amounts of tokens from the bridge on Harmony, which led to a total loss around $97M worth of asset on the Harmony chain which the attacker has consolidated into one main address.”On June 27, the threat actors behind the cyber heist culprit have begun transferring the funds (roughly $39 million) through the Tornado Cash mixer service to launder the illicit profits. Through our investigation, we were able to confirm that the Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $100 million of virtual currency from Harmony’s Horizon bridge reported on June 24, 2022.” reads the report published by the FBI. The blockchain security firm Elliptic was able to analyze the transactions even after the use of the mixer service, it first reported that the North Korea-linked Lazarus APT was behind the attack.