Grupo de hackers Lazarus infographic
El gráfico muestra una cronología de hackeos del Grupo Lazarus.


Cronología del grupo de hackeo Lazarus

By Duncan Mil

June 30, 2022 - Se cree que el Grupo Lazarus, que tiene patrocinio estatal de Corea del Norte, está detrás de un ataque en que fueron robados $100 millones en criptomoneda de la compañía estadounidense Horizon Bridge, un servicio que permite tranferencias de activos a otras cadenas de bloques.

Lazarus Group, also known as APT 38 (advanced persistent threat), is led by North Korea’s Reconnaissance General Bureau -- Pyongyang’s intelligence agency. Stolen funds are used to support North Korea’s weapons of mass destruction and its ballistic missile programmes.

The hacking group’s earliest known attack is “Operation Troy,” which occurred from 2009 to 2012. This was a cyber-espionage campaign that used distributed denial-of-service attack (DDoS) techniques to target the South Korean government in Seoul

In 2014, Lazarus Group caused mayhem in Hollywood and Sony Pictures Entertainment when hundreds of hard drives were wiped. Internal emails were also leaked after the studio released “The Interview,” a comedy that ridiculed North Korea’s leader Kim Jong-un.

Horizon Bridge is a service operated by the Harmony blockchain that allows assets to be transferred to other blockchains.

The latest heist in decentralized finance (DeFi) occurred on June 23. The style of attack and the use of a “mixer” -- used to obscure the origin of funds -- is similar to previous hacks attributed to Lazarus, Chainalysis, a blockchain firm investigating the attack, said on Twitter.

In late March, around $620 million in Ethereum was stolen. The FBI identified two groups behind the heist, including the Lazarus Group.

If Lazarus is confirmed as the Horizon Bridge hacker, Chainalysis said the attack will be the group’s eighth this year -- totalling $1 billion in stolen funds.

PUBLISHED: 30/06/2022; STORY: Graphic News; PICTURES: U.S. Justice Department, Sony Pictures Entertainment