Lazarus hacking group timeline

North Korea’s state-sponsored Lazarus Group of hackers is believed to be behind an attack that stole $100 million in cryptocurrency from U.S. company Horizon Bridge
 

Randall Park (left) as President Kim Jong-un in Sony Pictures’ 2014 comedy The Interview. Lazarus Group’s Park Jin Hyok (right)


Lazarus Group: Also known as APT 38 works for North Korea’s intelligence agency

Sep 2018: U.S. Department of Justice charges 34-year-old Park for cyber attacks dating from 2014


2009-12: Operation Troy
Distributed denial-of-service (DDoS) attacks against South Korean government

2014: Sony Pictures attack
Hundreds of hard drives wiped and internal emails leaked after studio releases The Interview 

2015: Bank heists
$12 million stolen from Banco del Austro in Ecuador, $1 million from Vietnam’s Tien Phong Bank

2016: Bangladesh Bank
$81 million successfully stolen from Bangladesh Bank – country’s central bank

2017: WannaCry attack
Ransomware attack affects nearly 200,000 computers in 150 countries

2017: Crypto attacks
Four attacks on cryptocurrency exchanges net $571 million

2018: Crypto attacks
Lazarus hacks $500 million

2019: Crypto attacks
Lazarus steals $250 million
    
2020: Crypto attacks
Lazarus hacks $300 million, including $275m from KuCoin. Starts using decentralised finance (DeFi) to launder stolen funds

2021: Crypto attacks
Lazarus steals $400 million. Revenue supports North Korea’s nuclear weapons and missile programmes

Jun 23, 2022: Horizon Bridge attack. DeFi service, operated by Harmony, allows cryptoassets to be transferred between blockchains

2022 attacks: If Lazarus is confirmed as Horizon Bridge hacker, attack will be group’s eighth this year – totalling $1 billion in stolen funds


Sources: Chainalysis, Reuters, Trend Micro
Pictures: FBI, Sony Pictures 
© GRAPHIC NEWS