디지털자산 크로스 체인 보안 위협 분석
2026-07-06 • FSI • Digital Asset Cross-Chain Security Threat Analysis •
Attachments
source_3798.pdf (4 MB)
Financial Security Institute's DeepChain report analyzes cross-chain digital-asset security through Lazarus-linked bridge incidents and laundering patterns. It says North Korean Lazarus-linked or suspected activity accounts for about 63% of reviewed cross-chain hacking losses, then details Ronin Bridge, Harmony Horizon, Orbit Chain, and KelpDAO cases involving social engineering, endpoint compromise, validator-key or RPC-infrastructure abuse, fraudulent withdrawals, and large-scale theft. The report also describes Lazarus laundering methods using DEX swaps, Tornado Cash, Railgun, Wasabi CoinJoin, chain hopping, wallet splitting, long dormancy, exchanges, and OTC networks. Its core defensive message is that cross-chain security depends on the weakest trust component: key management, validator independence, RPC/verifier infrastructure, governance, and human security must all be protected.