Lazarus Hacker Gruppe infographic
Grafik zeigt die Zeitleiste der Hacks von der Lazarus Gruppe.


Lazarus Hacker Gruppe - Zeitleiste

By Duncan Mil

June 30, 2022 - Nordkoreas staatlich geförderte Lazarus Gruppe von Hackern ist mutmaßlich für den Angriff verantwortlich, bei dem $100 Millionen in Kryptowährung der US Firma Horizon Bridge gestohlen wurden. Horizon Bridge bietet ein Service an, mit dem Aktiva an andere Blockchains überwiesen werden.

Lazarus Group, also known as APT 38 (advanced persistent threat), is led by North Korea’s Reconnaissance General Bureau -- Pyongyang’s intelligence agency. Stolen funds are used to support North Korea’s weapons of mass destruction and its ballistic missile programmes.

The hacking group’s earliest known attack is “Operation Troy,” which occurred from 2009 to 2012. This was a cyber-espionage campaign that used distributed denial-of-service attack (DDoS) techniques to target the South Korean government in Seoul

In 2014, Lazarus Group caused mayhem in Hollywood and Sony Pictures Entertainment when hundreds of hard drives were wiped. Internal emails were also leaked after the studio released “The Interview,” a comedy that ridiculed North Korea’s leader Kim Jong-un.

Horizon Bridge is a service operated by the Harmony blockchain that allows assets to be transferred to other blockchains.

The latest heist in decentralized finance (DeFi) occurred on June 23. The style of attack and the use of a “mixer” -- used to obscure the origin of funds -- is similar to previous hacks attributed to Lazarus, Chainalysis, a blockchain firm investigating the attack, said on Twitter.

In late March, around $620 million in Ethereum was stolen. The FBI identified two groups behind the heist, including the Lazarus Group.

If Lazarus is confirmed as the Horizon Bridge hacker, Chainalysis said the attack will be the group’s eighth this year -- totalling $1 billion in stolen funds.

PUBLISHED: 30/06/2022; STORY: Graphic News; PICTURES: U.S. Justice Department, Sony Pictures Entertainment